urlscan.io logo urlscan.io
SecurityTrails logo

www.theguardian.com Open in urlscan Pro
2a04:4e42:200::367  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Submission: On September 19 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 10 countries across 126 domains to perform 467 HTTP transactions. The main IP is 2a04:4e42:200::367, located in United States and belongs to FASTLY, US. The main domain is www.theguardian.com. The Cisco Umbrella rank of the primary domain is 18718.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q4 on December 19th 2022. Valid for: a year.
This is the only time www.theguardian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
55 2a04:4e42:200... 54113 (FASTLY)
26 2a04:4e42:400... 54113 (FASTLY)
14 52.210.213.112 16509 (AMAZON-02)
6 151.101.193.111 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 13.249.42.27 16509 (AMAZON-02)
2 4 3.163.80.98 16509 (AMAZON-02)
1 23.41.169.52 16625 (AKAMAI-AS)
1 146.75.32.157 54113 (FASTLY)
1 142.251.163.154 15169 (GOOGLE)
2 104.19.150.54 13335 (CLOUDFLAR...)
1 3.162.3.68 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
13 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 20.40.202.2 8075 (MICROSOFT...)
1 23.205.56.163 16625 (AKAMAI-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
1 54.192.51.26 16509 (AMAZON-02)
2 104.244.42.133 13414 (TWITTER)
2 104.244.42.3 13414 (TWITTER)
1 35.241.9.51 15169 (GOOGLE)
11 12 68.67.181.211 29990 (ASN-APPNEX)
9 34.107.254.252 396982 (GOOGLE-CL...)
3 52.21.109.44 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 3.161.212.32 16509 (AMAZON-02)
4 69.166.1.64 27630 (AS-XFERNET)
4 104.36.115.111 62713 (AS-PUBMATIC)
5 2620:100:a001... 19750 (AS-CRITEO)
3 195.244.31.10 63140 (IGUANA-WO...)
4 20 104.18.26.193 13335 (CLOUDFLAR...)
26 172.64.144.78 13335 (CLOUDFLAR...)
4 50.17.145.177 14618 (AMAZON-AES)
4 35.211.91.9 19527 (GOOGLE-2)
1 15 52.46.128.147 16509 (AMAZON-02)
4 8 34.98.64.218 396982 (GOOGLE-CL...)
2 2 23.105.12.171 30633 (LEASEWEB-...)
5 23.196.184.208 16625 (AKAMAI-AS)
7 16 52.223.22.214 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 7 172.64.146.152 13335 (CLOUDFLAR...)
23 104.18.41.104 13335 (CLOUDFLAR...)
13 15 172.253.63.154 15169 (GOOGLE)
12 12 52.223.40.198 16509 (AMAZON-02)
5 5 34.200.65.202 14618 (AMAZON-AES)
1 5 2600:1f18:4e9... 14618 (AMAZON-AES)
4 4 2620:112:f002... 6336 (TURN-US-ASN)
2 2 54.196.73.80 14618 (AMAZON-AES)
2 2600:9000:269... 16509 (AMAZON-02)
1 2600:9000:26c... 16509 (AMAZON-02)
4 4 35.207.24.140 15169 (GOOGLE)
12 13 35.211.178.172 15169 (GOOGLE)
1 16 69.166.1.35 27630 (AS-XFERNET)
1 35.211.206.254 19527 (GOOGLE-2)
1 35.211.85.235 19527 (GOOGLE-2)
1 2620:100:a001::2 19750 (AS-CRITEO)
2 3.221.40.21 14618 (AMAZON-AES)
2 7 8.28.7.81 62713 (AS-PUBMATIC)
2 2620:100:a001::4 19750 (AS-CRITEO)
5 8 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
2 30 104.36.113.107 62713 (AS-PUBMATIC)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
5 8.28.7.84 62713 (AS-PUBMATIC)
1 2620:100:a001::c 19750 (AS-CRITEO)
1 2600:9000:244... 16509 (AMAZON-02)
10 10 52.3.159.23 14618 (AMAZON-AES)
4 4 198.148.27.131 19189 (PULSEPOINT)
1 2 35.186.193.173 15169 (GOOGLE)
2 2 35.214.178.127 15169 (GOOGLE)
3 5 35.190.60.146 15169 (GOOGLE)
3 3 207.198.113.87 13768 (COGECO-PEER1)
2 3 3.217.186.3 14618 (AMAZON-AES)
2 2 34.239.25.202 14618 (AMAZON-AES)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 63.251.28.133 13789 (INTERNAP-...)
1 34.199.244.199 14618 (AMAZON-AES)
1 13.32.87.78 16509 (AMAZON-02)
1 1 172.240.155.68 7979 (SERVERS-COM)
2 2 52.86.26.20 14618 (AMAZON-AES)
1 1 143.244.220.80 14061 (DIGITALOC...)
3 3 52.45.70.160 14618 (AMAZON-AES)
2 2600:1f13:800... 16509 (AMAZON-02)
4 2620:100:a001... 19750 (AS-CRITEO)
2 23.20.19.153 14618 (AMAZON-AES)
3 3 74.119.119.150 19750 (AS-CRITEO)
2 2 141.226.124.48 200478 (TABOOLA-AS)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 3 3.231.182.141 14618 (AMAZON-AES)
1 184.28.136.218 16625 (AKAMAI-AS)
1 2 107.178.254.65 15169 (GOOGLE)
2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 52.86.10.106 14618 (AMAZON-AES)
2 4 50.57.31.206 19994 (RACKSPACE)
1 18.164.78.45 16509 (AMAZON-02)
1 1 18.223.200.255 16509 (AMAZON-02)
1 174.137.133.32 27257 (WEBAIR-IN...)
1 1 159.89.246.130 14061 (DIGITALOC...)
10 11 162.19.138.82 16276 (OVH)
1 1 18.211.166.244 14618 (AMAZON-AES)
1 1 178.250.1.9 44788 (ASN-CRITE...)
3 3 63.251.86.50 32475 (SINGLEHOP...)
1 2620:112:f002... 6336 (TURN-US-ASN)
1 1 44.217.241.9 14618 (AMAZON-AES)
3 3 199.38.167.131 54312 (ROCKETFUEL)
1 1 185.184.8.90 204995 (RTB-HOUSE...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 52.4.122.177 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 23.105.12.136 30633 (LEASEWEB-...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
3 4 151.101.66.49 54113 (FASTLY)
1 169.197.150.8 398989 (DEEPINTENT)
4 4 173.231.184.20 32475 (SINGLEHOP...)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 2 3.228.73.196 14618 (AMAZON-AES)
1 52.3.238.251 14618 (AMAZON-AES)
4 4 2606:ae80:145... 25751 (VALUECLICK)
2 3 3.214.50.117 14618 (AMAZON-AES)
1 1 35.186.253.211 15169 (GOOGLE)
2 2 3.224.224.255 14618 (AMAZON-AES)
1 37.157.6.237 198622 (ADFORM)
1 1 69.173.151.100 26667 (RUBICONPR...)
2 2 54.204.10.18 14618 (AMAZON-AES)
1 52.19.113.29 16509 (AMAZON-02)
1 1 51.68.39.188 16276 (OVH)
1 50.16.128.129 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
3 3 185.167.164.49 198622 (ADFORM)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 172.105.232.22 63949 (AKAMAI-LI...)
4 4 199.127.204.171 26120 (RHYTHMONE)
1 162.55.120.196 24940 (HETZNER-AS)
1 44.194.131.144 14618 (AMAZON-AES)
3 3 3.232.240.137 14618 (AMAZON-AES)
2 2 3.162.3.122 16509 (AMAZON-02)
1 2 52.44.127.59 14618 (AMAZON-AES)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 23.34.248.177 16625 (AKAMAI-AS)
1 195.5.165.20 44968 (IPROM-AS)
2 2 23.61.60.237 16625 (AKAMAI-AS)
3 4 35.172.171.236 14618 (AMAZON-AES)
1 3.162.3.48 16509 (AMAZON-02)
3 3 141.94.171.213 16276 (OVH)
2 3 3.232.64.79 14618 (AMAZON-AES)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 1 54.144.230.125 14618 (AMAZON-AES)
2 2 54.167.134.46 14618 (AMAZON-AES)
1 1 63.251.86.49 32475 (SINGLEHOP...)
467 104
55    2a04:4e42:200::367 (United States)

ASN54113 (FASTLY, US)
www.theguardian.com
assets.guim.co.uk
i.guim.co.uk
sourcepoint.theguardian.com
26    2a04:4e42:400::367 (United States)

ASN54113 (FASTLY, US)
assets.guim.co.uk
sourcepoint.theguardian.com
contributions.guardianapis.com
14    52.210.213.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
ophan.theguardian.com
6    151.101.193.111 (United States)

ASN54113 (FASTLY, US)
api.nextgen.guardianapps.co.uk
2    2607:f8b0:4004:c17::66 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
3    13.249.42.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-42-27.iad89.r.cloudfront.net
c.amazon-adsystem.com
4    3.163.80.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-163-80-98.atl58.r.cloudfront.net
sb.scorecardresearch.com
1    23.41.169.52 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-169-52.deploy.static.akamaitechnologies.com
a.teads.tv
1    146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    142.251.163.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
www.googleadservices.com
2    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    3.162.3.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-68.yul62.r.cloudfront.net
cdn.adsafeprotected.com
2    2606:4700:20::ac43:4842 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
13    2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
stats.g.doubleclick.net
2    2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pubads.g.doubleclick.net
1    20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
1    23.205.56.163 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-163.deploy.static.akamaitechnologies.com
at.teads.tv
3    2607:f8b0:4004:c17::93 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    54.192.51.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-26.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
2    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co
12    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
9    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
3    52.21.109.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-109-44.compute-1.amazonaws.com
pixel.adsafeprotected.com
3    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com
3    2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    3.161.212.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-212-32.yul62.r.cloudfront.net
aax.amazon-adsystem.com
4    69.166.1.64 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
4    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
3    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
hb-api.omnitagjs.com
20    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
26    172.64.144.78 (United States)

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
4    50.17.145.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-145-177.compute-1.amazonaws.com
tlx.3lift.com
4    35.211.91.9 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 9.91.211.35.bc.googleusercontent.com
grid.bidswitch.net
15    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    23.105.12.171 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync-global.smartadserver.com
5    23.196.184.208 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-184-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
16    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
23    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
cds.connatix.com
ins.connatix.com
cks.connatix.com
15    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
cm.g.doubleclick.net
12    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
5    2600:1f18:4e9:5a07:8b66:4b2b:aa38:cca9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    54.196.73.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-73-80.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2600:9000:269f:9a00:6:1e88:a100:21 (United States)

ASN16509 (AMAZON-02, US)
d31otfhas71ais.cloudfront.net
1    2600:9000:26c6:8200:17:b93b:fa40:21 (United States)

ASN16509 (AMAZON-02, US)
de9a11s35xj3d.cloudfront.net
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb-use.mfadsrvr.com
rtb.mfadsrvr.com
13    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
us-east-sync.bidswitch.net
16    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    35.211.206.254 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 254.206.211.35.bc.googleusercontent.com
pdc.bidswitch.net
1    35.211.85.235 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 235.85.211.35.bc.googleusercontent.com
media.grid.bidswitch.net
1    2620:100:a001::2 (United States)

ASN19750 (AS-CRITEO, US)
grid-mercury.criteo.com
2    3.221.40.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-40-21.compute-1.amazonaws.com
protected-by.clarium.io
7    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
8    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
30    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
5    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    2600:9000:244b:3a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
10    52.3.159.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-159-23.compute-1.amazonaws.com
match.prod.bidr.io
4    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
i.ctnsnet.com
ipac.ctnsnet.com
2    35.214.178.127 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 127.178.214.35.bc.googleusercontent.com
csync.loopme.me
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
3    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    3.217.186.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-186-3.compute-1.amazonaws.com
sync.crwdcntrl.net
2    34.239.25.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-25-202.compute-1.amazonaws.com
ads.yieldmo.com
1    2600:1f18:612b:4280:ac3d:4c40:fa62:5be7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
connatix-supply-partners.tremorhub.com
2    63.251.28.133 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
1    34.199.244.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-244-199.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    13.32.87.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-87-78.mia3.r.cloudfront.net
tags.crwdcntrl.net
1    172.240.155.68 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
2    52.86.26.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-26-20.compute-1.amazonaws.com
vop.sundaysky.com
1    143.244.220.80 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
3    52.45.70.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-70-160.compute-1.amazonaws.com
sync.ipredictive.com
2    2600:1f13:800:7780:6781:2538:d349:ce7f (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
4    2620:100:a001::1d (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
2    23.20.19.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-19-153.compute-1.amazonaws.com
bcp.crwdcntrl.net
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    3.231.182.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-182-141.compute-1.amazonaws.com
thrtle.com
1    184.28.136.218 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-136-218.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    52.86.10.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-10-106.compute-1.amazonaws.com
dpm.demdex.net
4    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    18.164.78.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-78-45.atl58.r.cloudfront.net
api.intentiq.com
1    18.223.200.255 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-200-255.us-east-2.compute.amazonaws.com
x.videobyte.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
11    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    18.211.166.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-166-244.compute-1.amazonaws.com
rtb.gumgum.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
3    63.251.86.50 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    44.217.241.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-241-9.compute-1.amazonaws.com
nep.advangelists.com
3    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    52.4.122.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-122-177.compute-1.amazonaws.com
ads.creative-serving.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    23.105.12.136 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    173.231.184.20 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
1    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    3.228.73.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-73-196.compute-1.amazonaws.com
crb.kargo.com
1    52.3.238.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-238-251.compute-1.amazonaws.com
sync.bfmio.com
4    2606:ae80:1451:17::1400 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
prebid-match.dotomi.com
3    3.214.50.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-50-117.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    3.224.224.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-224-255.compute-1.amazonaws.com
ad2.360yield.com
1    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    54.204.10.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-10-18.compute-1.amazonaws.com
pm.w55c.net
1    52.19.113.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-113-29.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    51.68.39.188 (Paris, France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
1    50.16.128.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-128-129.compute-1.amazonaws.com
rtb.adentifi.com
2    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
3    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    172.105.232.22 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1886-22.members.linode.com
gocm.c.appier.net
4    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    44.194.131.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-131-144.compute-1.amazonaws.com
bpi.rtactivate.com
3    3.232.240.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-240-137.compute-1.amazonaws.com
i.liadm.com
2    3.162.3.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-122.yul62.r.cloudfront.net
live.rezync.com
2    52.44.127.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-127-59.compute-1.amazonaws.com
io.narrative.io
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    23.34.248.177 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-248-177.deploy.static.akamaitechnologies.com
hbx.media.net
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    23.61.60.237 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-61-60-237.deploy.static.akamaitechnologies.com
px.owneriq.net
4    35.172.171.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-171-236.compute-1.amazonaws.com
a.audrte.com
1    3.162.3.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-48.yul62.r.cloudfront.net
aa.agkn.com
3    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
3    3.232.64.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-64-79.compute-1.amazonaws.com
ps.eyeota.net
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    54.144.230.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-230-125.compute-1.amazonaws.com
match.sharethrough.com
2    54.167.134.46 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-134-46.compute-1.amazonaws.com
ads.avct.cloud
1    63.251.86.49 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
Apex Domain
Subdomains		 Transfer
58 guim.co.uk
assets.guim.co.uk — Cisco Umbrella Rank: 26110
i.guim.co.uk — Cisco Umbrella Rank: 18644
808 KB
51 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
image2.pubmatic.com — Cisco Umbrella Rank: 1547
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image4.pubmatic.com — Cisco Umbrella Rank: 1978
image8.pubmatic.com Failed
simage4.pubmatic.com — Cisco Umbrella Rank: 1746
67 KB
30 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 2428
cd.connatix.com — Cisco Umbrella Rank: 4820
cds.connatix.com — Cisco Umbrella Rank: 5139
ins.connatix.com — Cisco Umbrella Rank: 6951
lit.connatix.com Failed
cks.connatix.com — Cisco Umbrella Rank: 11715
vid.connatix.com Failed
385 KB
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
pubads.g.doubleclick.net — Cisco Umbrella Rank: 359
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
258 KB
29 theguardian.com
www.theguardian.com — Cisco Umbrella Rank: 18718
ophan.theguardian.com — Cisco Umbrella Rank: 22725
sourcepoint.theguardian.com — Cisco Umbrella Rank: 27482
200 KB
26 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 6936
48 KB
23 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 404
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945
aax.amazon-adsystem.com — Cisco Umbrella Rank: 541
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
78 KB
20 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
9 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum.casalemedia.com — Cisco Umbrella Rank: 2094
14 KB
20 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 3687
sync.go.sonobi.com — Cisco Umbrella Rank: 1592
21 KB
19 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1511
x.bidswitch.net — Cisco Umbrella Rank: 614
us-east-sync.bidswitch.net — Cisco Umbrella Rank: 2697
pdc.bidswitch.net — Cisco Umbrella Rank: 9377
media.grid.bidswitch.net — Cisco Umbrella Rank: 3120
22 KB
15 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 949
grid-mercury.criteo.com — Cisco Umbrella Rank: 3619
gum.criteo.com — Cisco Umbrella Rank: 640
ssp-sync.criteo.com — Cisco Umbrella Rank: 1816
dis.criteo.com — Cisco Umbrella Rank: 910
dis.eu.criteo.com — Cisco Umbrella Rank: 13639
12 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
6 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
secure.adnxs.com — Cisco Umbrella Rank: 806
8 KB
11 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 687
16 KB
11 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3714
api.permutive.com — Cisco Umbrella Rank: 2885
381 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
5 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
5 KB
9 openx.net
u.openx.net — Cisco Umbrella Rank: 1024
us-u.openx.net — Cisco Umbrella Rank: 863
rtb.openx.net — Cisco Umbrella Rank: 1029
2 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
1 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
45 KB
8 guardianapis.com
contributions.guardianapis.com — Cisco Umbrella Rank: 28231
75 KB
7 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 5439
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1025
static.adsafeprotected.com — Cisco Umbrella Rank: 851
dt.adsafeprotected.com — Cisco Umbrella Rank: 765
87 KB
6 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
tags.crwdcntrl.net — Cisco Umbrella Rank: 1393
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398
14 KB
6 guardianapps.co.uk
api.nextgen.guardianapps.co.uk — Cisco Umbrella Rank: 28195
2 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1301
idsync.rlcdn.com — Cisco Umbrella Rank: 719
1 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
d.turn.com — Cisco Umbrella Rank: 2206
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 adform.net
cm.adform.net — Cisco Umbrella Rank: 1654
c1.adform.net — Cisco Umbrella Rank: 954
dmp.adform.net — Cisco Umbrella Rank: 4243
2 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593
prebid-match.dotomi.com — Cisco Umbrella Rank: 3475
1 KB
4 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2200
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
1 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1486
ap.lijit.com — Cisco Umbrella Rank: 1012
3 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2139
3 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
3 KB
4 mfadsrvr.com
rtb-use.mfadsrvr.com — Cisco Umbrella Rank: 11338
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1698
1 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 239
3 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1620
2 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3680
1 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 1067
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2679
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1417
3 KB
3 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2192
959 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933 Failed
2 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1542
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
2 KB
3 cloudfront.net
d31otfhas71ais.cloudfront.net
de9a11s35xj3d.cloudfront.net
156 KB
3 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 11393
ssbsync.smartadserver.com Failed
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2389
985 B
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
1 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 11
2 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3746
collector.brandmetrics.com — Cisco Umbrella Rank: 4828
19 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 6648
1 KB
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 3422
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 7127
643 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2356
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 10635
967 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1562
1 KB
2 360yield.com
ad2.360yield.com — Cisco Umbrella Rank: 15090
703 B
2 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 2259
774 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 7595
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 319
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
770 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1298
825 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1624
945 B
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 5199
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1089
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1499
504 B
2 ctnsnet.com
i.ctnsnet.com — Cisco Umbrella Rank: 9233
ipac.ctnsnet.com — Cisco Umbrella Rank: 7500
756 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
csm.va.us.criteo.net Failed
62 KB
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 2211
466 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
114 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1065
610 B
2 t.co
t.co — Cisco Umbrella Rank: 707
598 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1774
at.teads.tv — Cisco Umbrella Rank: 5238
4 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2059
153 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359
555 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 936
658 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8195
282 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5800
463 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 2888
109 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 11001
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
650 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 4124
437 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2199
674 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 5404
308 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
552 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1944
287 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 4515
566 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 5076
397 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2870
425 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
591 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1610
222 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1476
7 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 481
688 B
1 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 821
261 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 5554
184 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2264
275 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 4968
376 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2785
1 videobyte.com
x.videobyte.com — Cisco Umbrella Rank: 7202
231 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1088
451 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2443 Failed
2 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876 Failed
249 B
1 intentiq.com
sync.intentiq.com Failed
api.intentiq.com — Cisco Umbrella Rank: 1972
738 B
1 media.net
cs.media.net Failed
contextual.media.net Failed
hbx.media.net — Cisco Umbrella Rank: 1959
635 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 4384
418 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 2353
697 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3579
1 tremorhub.com
connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 20862
426 B
1 rubiconproject.com
eus.rubiconproject.com Failed
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
810 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 8827
1 prmutv.co
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co — Cisco Umbrella Rank: 68246
397 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 178
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1078
15 KB
0 bnmla.com Failed
match.bnmla.com Failed
0 smrtb.com Failed
ssl-market-east.smrtb.com Failed
0 33across.com Failed
ssc-cms.33across.com — Cisco Umbrella Rank: 1718 Failed
0 googleapis.com Failed
imasdk.googleapis.com Failed
0 iqzone.com Failed
xsync.iqzone.com Failed
0 tynt.com Failed
de.tynt.com Failed
467 126
Domain Requested by
55 assets.guim.co.uk www.theguardian.com
assets.guim.co.uk
26 elb.the-ozone-project.com assets.guim.co.uk
elb.the-ozone-project.com
ads.pubmatic.com
static.cloudflareinsights.com
21 simage2.pubmatic.com 2 redirects s.amazon-adsystem.com
ads.pubmatic.com
elb.the-ozone-project.com
17 cks.connatix.com www.theguardian.com
cs-server-s2s.yellowblue.io
16 sync.go.sonobi.com 1 redirects www.theguardian.com
cs-server-s2s.yellowblue.io
16 eb2.3lift.com 7 redirects s.amazon-adsystem.com
assets.guim.co.uk
eb2.3lift.com
15 cm.g.doubleclick.net 13 redirects u.openx.net
eb2.3lift.com
15 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
u.openx.net
ads.pubmatic.com
www.theguardian.com
14 ophan.theguardian.com www.theguardian.com
13 sourcepoint.theguardian.com assets.guim.co.uk
sourcepoint.theguardian.com
12 match.adsrvr.org 12 redirects
12 securepubads.g.doubleclick.net assets.guim.co.uk
securepubads.g.doubleclick.net
www.theguardian.com
www.googletagservices.com
cds.connatix.com
11 id5-sync.com 10 redirects www.theguardian.com
11 x.bidswitch.net 10 redirects www.theguardian.com
cs-server-s2s.yellowblue.io
10 match.prod.bidr.io 10 redirects
10 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
9 api.permutive.com assets.guim.co.uk
8 pixel.tapad.com 5 redirects s.amazon-adsystem.com
www.theguardian.com
ads.pubmatic.com
8 ib.adnxs.com 7 redirects assets.guim.co.uk
cs-server-s2s.yellowblue.io
8 contributions.guardianapis.com assets.guim.co.uk
www.theguardian.com
7 image6.pubmatic.com 2 redirects ads.pubmatic.com
7 capi.connatix.com 1 redirects www.theguardian.com
cds.connatix.com
6 us-u.openx.net 3 redirects u.openx.net
cs-server-s2s.yellowblue.io
ads.pubmatic.com
6 api.nextgen.guardianapps.co.uk assets.guim.co.uk
5 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
u.openx.net
ads.pubmatic.com
5 ups.analytics.yahoo.com 5 redirects
5 ads.pubmatic.com s.amazon-adsystem.com
cds.connatix.com
assets.guim.co.uk
elb.the-ozone-project.com
5 bidder.criteo.com assets.guim.co.uk
static.criteo.net
4 a.audrte.com 3 redirects elb.the-ozone-project.com
4 simage4.pubmatic.com ads.pubmatic.com
4 cm.adgrx.com 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 uipglob.semasio.net 2 redirects www.theguardian.com
elb.the-ozone-project.com
4 ssp-sync.criteo.com assets.guim.co.uk
www.theguardian.com
4 bh.contextweb.com 4 redirects cs-server-s2s.yellowblue.io
4 secure.adnxs.com 4 redirects
4 ad.turn.com 4 redirects
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
js-sec.indexww.com
4 grid.bidswitch.net assets.guim.co.uk
4 tlx.3lift.com assets.guim.co.uk
4 htlb.casalemedia.com assets.guim.co.uk
4 hbopenbid.pubmatic.com assets.guim.co.uk
4 apex.go.sonobi.com assets.guim.co.uk
4 aax.amazon-adsystem.com assets.guim.co.uk
4 sb.scorecardresearch.com 2 redirects
3 ps.eyeota.net 2 redirects elb.the-ozone-project.com
3 pixel.onaudience.com 3 redirects
3 i.liadm.com 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 p.rfihub.com 3 redirects
3 ce.lijit.com 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 thrtle.com 1 redirects www.theguardian.com
ads.pubmatic.com
3 dis.criteo.com 3 redirects
3 sync.1rx.io cs-server-s2s.yellowblue.io
3 sync.ipredictive.com 3 redirects
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 pixel-sync.sitescout.com 3 redirects
3 cds.connatix.com cd.connatix.com
cds.connatix.com
3 hb-api.omnitagjs.com assets.guim.co.uk
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 pagead2.googlesyndication.com assets.guim.co.uk
tpc.googlesyndication.com
www.googletagservices.com
3 pixel.adsafeprotected.com assets.guim.co.uk
www.theguardian.com
3 www.google.com tpc.googlesyndication.com
3 c.amazon-adsystem.com assets.guim.co.uk
3 i.guim.co.uk www.theguardian.com
2 ads.avct.cloud 2 redirects
2 prebid-match.dotomi.com 2 redirects
2 px.owneriq.net 2 redirects
2 io.narrative.io 1 redirects ads.pubmatic.com
2 live.rezync.com 2 redirects
2 c1.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 ad2.360yield.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 crb.kargo.com 1 redirects ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 dpm.demdex.net 1 redirects www.theguardian.com
2 px.ads.linkedin.com www.theguardian.com
eb2.3lift.com
2 pippio.com 1 redirects ads.pubmatic.com
2 sync.taboola.com 2 redirects
2 bcp.crwdcntrl.net assets.guim.co.uk
ads.pubmatic.com
2 dt.adsafeprotected.com
2 vop.sundaysky.com 2 redirects
2 ads.stickyadstv.com 1 redirects cs-server-s2s.yellowblue.io
ssum-sec.casalemedia.com
2 ads.yieldmo.com 2 redirects cs-server-s2s.yellowblue.io
2 id.rlcdn.com 1 redirects www.theguardian.com
2 csync.loopme.me 2 redirects cs-server-s2s.yellowblue.io
2 ssum.casalemedia.com 2 redirects
2 ins.connatix.com cds.connatix.com
2 um.simpli.fi 2 redirects
2 static.criteo.net assets.guim.co.uk
2 protected-by.clarium.io www.theguardian.com
2 rtb.mfadsrvr.com 2 redirects
2 us-east-sync.bidswitch.net 2 redirects
2 rtb-use.mfadsrvr.com 2 redirects
2 d31otfhas71ais.cloudfront.net www.theguardian.com
2 sync.srv.stackadapt.com 2 redirects
2 www.googletagservices.com www.theguardian.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
2 analytics.twitter.com
2 t.co
2 cdn.brandmetrics.com assets.guim.co.uk
cdn.brandmetrics.com
2 cdn.permutive.com assets.guim.co.uk
2 cdn.confiant-integrations.net assets.guim.co.uk
cdn.confiant-integrations.net
2 www.google-analytics.com assets.guim.co.uk
2 www.theguardian.com assets.guim.co.uk
1 ap.lijit.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 aa.agkn.com elb.the-ozone-project.com
1 dmp.adform.net 1 redirects
1 core.iprom.net ads.pubmatic.com
1 hbx.media.net elb.the-ozone-project.com
1 ads.playground.xyz 1 redirects
1 bpi.rtactivate.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 ums.acuityplatform.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 t.adx.opera.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 dsp.nrich.ai 1 redirects
1 synchroscript.deliveryengine.adswizz.com ads.pubmatic.com
1 pixel.rubiconproject.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 cm.adform.net elb.the-ozone-project.com
1 rtb.openx.net 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.bfmio.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 static.cloudflareinsights.com elb.the-ozone-project.com
1 c.bing.com eb2.3lift.com
1 creativecdn.com 1 redirects
1 nep.advangelists.com 1 redirects
1 d.turn.com www.theguardian.com
1 dis.eu.criteo.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 e.serverbid.com 1 redirects
1 sync.adkernel.com www.theguardian.com
1 x.videobyte.com 1 redirects
1 api.intentiq.com www.theguardian.com
1 tags.bluekai.com www.theguardian.com
1 js-sec.indexww.com assets.guim.co.uk
1 sync.technoratimedia.com cs-server-s2s.yellowblue.io
1 match.sharethrough.com cs-server-s2s.yellowblue.io
1 sync.resetdigital.co 1 redirects
1 sync.colossusssp.com 1 redirects
1 tags.crwdcntrl.net cds.connatix.com
1 cs-server-s2s.yellowblue.io cds.connatix.com
1 connatix-supply-partners.tremorhub.com 1 redirects
1 i.ctnsnet.com 1 redirects
1 static.adsafeprotected.com www.theguardian.com
1 gum.criteo.com static.criteo.net
gum.criteo.com
1 image4.pubmatic.com s.amazon-adsystem.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 grid-mercury.criteo.com www.theguardian.com
1 media.grid.bidswitch.net www.theguardian.com
1 pdc.bidswitch.net www.theguardian.com
1 de9a11s35xj3d.cloudfront.net www.theguardian.com
1 cd.connatix.com www.theguardian.com
1 ssbsync-us.smartadserver.com 1 redirects
1 pubads.g.doubleclick.net
1 d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co assets.guim.co.uk
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 at.teads.tv assets.guim.co.uk
1 stats.g.doubleclick.net assets.guim.co.uk
1 collector.brandmetrics.com cdn.brandmetrics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 cdn.adsafeprotected.com assets.guim.co.uk
1 www.googleadservices.com assets.guim.co.uk
1 static.ads-twitter.com assets.guim.co.uk
1 a.teads.tv assets.guim.co.uk
0 match.bnmla.com Failed www.theguardian.com
0 ssl-market-east.smrtb.com Failed www.theguardian.com
0 csm.va.us.criteo.net Failed gum.criteo.com
0 contextual.media.net Failed cs-server-s2s.yellowblue.io
0 image8.pubmatic.com Failed cs-server-s2s.yellowblue.io
0 ssc-cms.33across.com Failed cs-server-s2s.yellowblue.io
0 ssbsync.smartadserver.com Failed cs-server-s2s.yellowblue.io
0 vid.connatix.com Failed cds.connatix.com
0 imasdk.googleapis.com Failed cds.connatix.com
0 sync.intentiq.com Failed
0 cs.media.net Failed
0 xsync.iqzone.com Failed cds.connatix.com
0 de.tynt.com Failed cds.connatix.com
0 eus.rubiconproject.com Failed cds.connatix.com
0 lit.connatix.com Failed cds.connatix.com
467 196

This site contains no links.

Subject Issuer Validity Valid
theguardian.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-19 -
2024-01-20		 a year crt.sh
ophan.theguardian.com
Amazon RSA 2048 M02		 2023-05-30 -
2024-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-07-23 -
2023-10-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
teads.tv
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2023-05-10 -
2024-06-10		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-01 -
2024-02-01		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-01-30		 a year crt.sh
*.prmutv.co
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.permutive.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
the-ozone-project.com
E1		 2023-08-28 -
2023-11-26		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-16 -
2024-02-15		 a year crt.sh
connatix.com
GTS CA 1P5		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
pdc.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-04-03 -
2024-04-03		 a year crt.sh
media.grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-11 -
2024-08-11		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2023-03-22 -
2024-04-22		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Frame ID: 4F53494393CC8B0DBC91FC24F27065B3
Requests: 243 HTTP requests in this frame

Frame: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=1eaed99e-37c4-4cdb-89ae-ce214c1b2c5c&preload_message=true&hasCsp=true&version=v1
Frame ID: 326B4B1C8D54641E8E0CD437FBF44365
Requests: 7 HTTP requests in this frame

Frame: https://4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 883EBB2960470E1544F3F0E73EDA34DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37ADB8FD1236780729799140EA8A1CC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 09A2234C9CC3B2AA489854FDE37C6FD7
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ox-db5_smrt_an-db5_3lift&dcc=t
Frame ID: DE6AE7144928238A333E538AA2551F57
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 11A3E02ABFA2E54E5C92D69EC54D4AFA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: DD20F8C7D1FD695893177ABFA992D7E9
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: D175BCF99BF57E78DC97DAA5A90E4710
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2457807864703770449&gdpr=0&gdpr_consent=
Frame ID: 129082426C068586B992FCE761619F2F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 005AB648DCFF70159566CD5463F92899
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6004480877952621289&ex=appnexus.com
Frame ID: 3E8A7B90F1CF182AF7C5E476A227BE0B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2929301841228134313336
Frame ID: C5CE2DB2D6000EC4493E774E9255B06F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRdg9WDLsXnFXUelA3EgFiO-vpbxP_foo0G2N3DRA_VY6CIVspjBN7r91UcTtZS--AaUe9JnlcVVJuNM7E4DyFQ2gY4B9Lw7r5IZpH22n-_loPGLatrqjV1PF1tyuGDgag7wtag8nBSDkPraZDel32xbqEH30EbE5e0Sp2PTrwTJpDCgf7RiyYWWaaTlQo6d_mrYZUiiC1-UfkfQ9b7lzqVr9gob2enYXrZIR0xhxA2XB4mZsU_yYvGmZvJhpwgDJxUSfOEt5dyKxcQpCql9IhJeosJmVeFG3Q8lYyihAwSRgTCSZ2_Dn9xEyHsbf1YZ7HRWaoT_YfxO4dGwoMd4mhp_JBRCDPxfjlQFEQ4DqK&sai=AMfl-YQyFcpy7xmzTsG2QKDvBrrDmsD7zJLUGwwcdR-hmbsIdIMfyobvC5MhZl6E-ERkc61OkEiaN9fQPMQeOnpvwQrExrhv_gayjpzh3ZipXLs3bn4Yhva_im-cSx8tbA&sig=Cg0ArKJSzBLstZPqa-jyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4EE6EF27405CAD75942C62F09438FAEB
Requests: 6 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Frame ID: D08E211E1B09E81D51E00ABB1097EA96
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv55DWcXdQqUV6R0qvMjEDUp1hAmU5IQ8wJo56FMYMnKh006pgYSfE9UUlWvvLG6oOUcRDm4NyfXJFSyDt2zuroKtfqBWgP1NJyrevpqq5_tmWqwE9Kq25N0NqrFiMlwPILHqrcHXNABMNTLh_YsVQuqn2MGtJkPjlUsAN3TjSvhlPU-_h5BTcuWEmJmIpgAyTr2NdMkR-_svN1Nfl3ZXCKoOm2ExMJKV8V80zM6sDBkEBF0QHU3KCdG7MP0uXERtpJOqx5o7CyT-BvGgjX74pq5-yoVZ--toofx20S291iduJO5lrHv4KUEkUJJKVJwhK-HXE0lYH46SfHUAPdZQunXk4D-ciW3LrI0cNGhp61&sai=AMfl-YTQaaKjiw_UM0H3lhUSZ5LQBOpjORNZTW6CwXvKBmTFKHe1o36S60_ciknUx9_V7ZIFm6CIPIHv8VX6wFIH4Vk9lyWlZSUs03ruUZEEcpCELyjmL94fvw-TDS373w&sig=Cg0ArKJSzIw-iKp6EhhqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 24FD591B3D2EFF752535319B88E509E4
Requests: 14 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10249&campId=970x250&pubId=4499194706&chanId=85273887&placementId=6115382082&pubCreative=138221630458&pubOrder=3085351805&custom=article&custom2=top-above-nav&custom3=us&adsafe_par&impId=
Frame ID: DED580BB40787BC11C70078C4DF6B2A1
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&redir=true&gdpr=0&gdpr_consent=
Frame ID: 4A2A46162DA604BEFBA93E5FAB69A6CD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Frame ID: D54B94CE22DFB852EB23BA127F7E1E70
Requests: 1 HTTP requests in this frame

Frame: https://4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6077E7A3422AA66226DA7AA8E6A76159
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theguardian.com&us_privacy=1YNN
Frame ID: 032B8FF0E26762774C50AD4F73F3BB0B
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: 5AFB71EDD44B6445F86168F18D0DD890
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
Frame ID: F2E510AFFED1F965FDF7D72B74C4E0D3
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Frame ID: CBCAFCEAE59C0A76C7EF7275791D1A30
Requests: 19 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 05603413B22368268124C76779426A00
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Frame ID: 92116B3FE05F91F872E785B2F43674D5
Requests: 18 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: 1FADBEE1E692B14727EAC37FE5015C05
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DE8E48A8B5716FA1D27A0067212F1308
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Frame ID: 11C2B0367D1E08CD1A7BE81F12204575
Requests: 23 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3792065C93ADD75DE122092CB41B0F8F
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6004480877952621289&gdpr=0&gdpr_consent=
Frame ID: 16D2C4C417FF40FDF36BD70D93BB93F5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSyE7KE08AABXBedE9gw&gdpr=0
Frame ID: C4651433C7604ECD1C37F6FF800D0DB1
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQmnaAARlMmTaAAb
Frame ID: 3EFD77808F8096045CBFDA075FC2A3F5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 658F747DB297EAB2F5EF37612E130A5B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9d8d946a-56f3-11ee-8af4-6e5154bc90cf
Frame ID: 29A997E6E9BC52921F55B3291227997E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wzGnbpQzom7YPKc2xjK6Z8cwoDHYPfM0lzO9c0S3
Frame ID: 8D16913F037D725855A947F9B8EB3E8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 4EE97C8C809319EDE584D4F84FCE1562
Requests: 19 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 2C39B7FB065D7232A65E29121939A175
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-nY4QBKbV1VBZ9n4Y1Fx5CaEdko&gdpr=0&gdpr_consent=
Frame ID: CCBDF5CF04C1E1A380CB72C60909040A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0uGLMbaw1QIB8o5&gdpr=0&gdpr_consent=
Frame ID: 6C794C882794E3770EB6129549277330
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Frame ID: 032FF129DCC2E9B9AFB7FE64B7BEAAEF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777325356003384
Frame ID: 201EF05C150AAB81166796BC22B107B4
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Frame ID: F49F63207F6914CA8D0FFA7F93E1285E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 54C29FA35818A681F09417C732B07D1F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa8db507c5a5c4c0eb726e8ce08e02c85
Frame ID: 9D6475113A08F166199FFE91ED8BAB3B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Frame ID: BF340E3ED5F2FC285ADB0E2E02DF7B5D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=829426950637
Frame ID: 313F969286238252AA6E5AA37550161B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A43F5B23E22C9E3D8DA7A7C091988278
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uy90B5zCAEWTTGqJXacJZQ
Frame ID: 2EDE9319734FA71D8C60DABAA71D52C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005
Frame ID: 1BD734972BD4111001CEA53789C3B29D
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 1728737F2E730AC72169FF03E4FD58E3
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3D8CAA96E665D4E4311712C5414E29B2
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D574873E57DACECD467476641650743A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7484178861028887040
Frame ID: FA5BA31C61AF881F658C84A2E30EF7C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E69D8D1ECFEA418DA3FD1181D44F5557&gdpr=0&gdpr_consent=
Frame ID: 5944765C62C2E7195B9050776ED51E50
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Frame ID: 3EBAF3D089666F6D953A116D1BD738C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

467
Requests

68 %
HTTPS

21 %
IPv6

126
Domains

196
Subdomains

104
IPs

10
Countries

3104 kB
Transfer

10050 kB
Size

275
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 104
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695131476042&ns_c=UTF-8&cs_ucfr=1&comscorekw=Hunter%20Biden%2CUS%20news%2CUS%20politics%2CUS%20taxation&c7=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&c8=Hunter%20Biden%20sues%20IRS%20for%20breaching%20his%20privacy%20rights%20over%20tax%20affairs%20%7C%20Hunter%20Biden%20%7C%20The%20Guardian&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695131476042&ns_c=UTF-8&cs_ucfr=1&comscorekw=Hunter%20Biden%2CUS%20news%2CUS%20politics%2CUS%20taxation&c7=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&c8=Hunter%20Biden%20sues%20IRS%20for%20breaching%20his%20privacy%20rights%20over%20tax%20affairs%20%7C%20Hunter%20Biden%20%7C%20The%20Guardian&c9=
Request Chain 158
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ox-db5_smrt_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ox-db5_smrt_an-db5_3lift&dcc=t
Request Chain 181
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 182
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 183
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2457807864703770449&gdpr=0&gdpr_consent=
Request Chain 185
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6004480877952621289&ex=appnexus.com
Request Chain 186
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2929301841228134313336
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQmnVqk7MV794SIGn2VaigAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEF9X6QltK3St7IYUgMVFsM8&google_cver=1
Request Chain 193
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=82b67018-7d76-4fb5-9b12-469927ce73b2&expiration=1697723479&gdpr=0&gdpr_consent=
Request Chain 194
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQmnVqk7MV794SIGn2VaigAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELucZ1VPSLFatzs4a_1EIZA&google_cver=1
Request Chain 195
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQmnVqk7MV794SIGn2VaigAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQmnVqk7MV794SIGn2VaigAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZQmnVqk7MV794SIGn2VaigAABncAAAIB
Request Chain 196
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQmnVqk7MV794SIGn2VaigAA%261655 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQmnVqk7MV794SIGn2VaigAA%261655&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ASN4OZWLYH6qfn68Hrab&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQmnVqk7MV794SIGn2VaigAA%261655&tc=1
Request Chain 197
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4038167191623545769
Request Chain 198
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-nY4QBKbV1VBZ9n4Y1Fx5CaEdko
Request Chain 203
  • https://match.adsrvr.org/track/cmf/openx?oxid=a60b1275-bc78-3dae-5775-a9a1bc0cc28f&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=a60b1275-bc78-3dae-5775-a9a1bc0cc28f&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=82b67018-7d76-4fb5-9b12-469927ce73b2&ttd_puid=a60b1275-bc78-3dae-5775-a9a1bc0cc28f&gdpr=0&gdpr_consent=
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELVJw44r96z_VkX2NmS9EXk&google_cver=1
Request Chain 213
  • https://rtb-use.mfadsrvr.com/sync?ssp=bidswitch&seller_network=bidswitch_trustx&bid_id=52f80001-eced-410f-abf7-1a2fdf1daf42&initiator=me&us_privacy=1YNN&gdpr=0 HTTP 302
  • https://rtb-use.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&seller_network=bidswitch_trustx&bid_id=52f80001-eced-410f-abf7-1a2fdf1daf42&initiator=me&us_privacy=1YNN&gdpr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=43ff3c35-f210-472d-8f57-4774d043c806&gdpr=0&us_privacy=1YNN HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 214
  • https://us-east-sync.bidswitch.net/sync?ssp=trustx&dsp_id=250&imp=1 HTTP 302
  • https://us-east-sync.bidswitch.net/ul_cb/sync?ssp=trustx&dsp_id=250&imp=1 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=trustx&bsw_user_id=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=43ff3c35-f210-472d-8f57-4774d043c806&ssp=trustx
Request Chain 223
  • https://capi.connatix.com/core/sync?v=338732 HTTP 302
  • https://capi.connatix.com/core/sync?v=338732&tier=1&final=true&ImplementationType=0
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fhvyr2LCQY6jqtEB-1tDCA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 235
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e1bcbec7-523a-459a-8da1-fcef22f02ef7%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=82b67018-7d76-4fb5-9b12-469927ce73b2&ttd_puid=e1bcbec7-523a-459a-8da1-fcef22f02ef7%2C%2C
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0UxQkYyQUYtNjJDMi00MThFLUEzQUEtRDEwMUZCNUI0MzA4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELGyL1iZ6bakWsWyVe_4kpY&google_cver=1
Request Chain 240
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E69D8D1ECFEA418DA3FD1181D44F5557
Request Chain 241
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=82b67018-7d76-4fb5-9b12-469927ce73b2&gdpr=0&gdpr_consent=
Request Chain 242
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LRGG0QNE2uXdYp46NSTmTX_HSkSefDU-~A&gdpr=0
Request Chain 253
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dIndex%26api-tier%3d1%26uid%3d&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Index&api-tier=1&uid=ZQmnVqk7MV794SIGn2VaigAA%261655
Request Chain 254
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid}&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Beeswax&api-tier=1&uid=AABSyE7KE08AABXBedE9gw&gdpr=0
Request Chain 255
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=82b67018-7d76-4fb5-9b12-469927ce73b2&ttl=1697723480
Request Chain 256
  • https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dAmobee%26api-tier%3d1%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Amobee&api-tier=1&uid=4038167191623545769
Request Chain 257
  • https://eb2.3lift.com/getuid?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d25%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dTripleLift%26api-tier%3d1%26uid%3d%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=25&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=TripleLift&api-tier=1&uid=2929301841228134313336
Request Chain 258
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=AppNexus&api-tier=1&uid=6004480877952621289&gdpr=0
Request Chain 259
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Request Chain 260
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0 HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
Request Chain 262
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d13%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dPulsePoint%26api-tier%3d1%26uid%3d%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=13&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=PulsePoint&api-tier=1&uid=mHb9MxhElbck
Request Chain 263
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dCrimtan%26api-tier%3d1%26uid%3d%5Buser_id%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=28&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Crimtan&api-tier=1&uid=32c718dfa6824e369b7a7d6ac7326e2d
Request Chain 264
  • https://csync.loopme.me/?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d18%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dLoopMe%26api-tier%3d1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=18&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=LoopMe&api-tier=1&uid=e3ec73e8-177a-454e-9747-183cb0ae5a93&pubid=11186&gdpr=0
Request Chain 265
  • https://id.rlcdn.com/712202.gif?cparams=8b22f0bd8f2445f586e9bdb7b722bc5c&gdpr=0 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNjOpqgGEgUI6AcQAEIASiA4YjIyZjBiZDhmMjQ0NWY1ODZlOWJkYjdiNzIyYmM1Yw
Request Chain 266
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId}&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId}&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D8b22f0bd8f2445f586e9bdb7b722bc5c%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553%2526gdpr%253D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D8b22f0bd8f2445f586e9bdb7b722bc5c%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553%2526gdpr%253D0&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3DCentro%26api-tier%3D1%26uid%3D557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553%26gdpr%3D0 HTTP 302
  • https://cks.connatix.com/cks?pid=9&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Centro&api-tier=1&uid=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0
Request Chain 267
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d39%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dYieldMo%26api-tier%3d1%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=39&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=YieldMo&api-tier=1&uid=3RY4877dd47k2vCTamAM&gdpr=0
Request Chain 268
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=8b22f0bd8f2445f586e9bdb7b722bc5c&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dTelaria%26api-tier%3d1%26uid%3d%5bTVUSER_ID%5d&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Telaria&api-tier=1&uid=25e0218b837a4d609b8243d7572ecd43
Request Chain 269
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=fb55237c846da97555cd2ba61913148a&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Request Chain 272
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=8b22f0bd8f2445f586e9bdb7b722bc5c&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d34%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dColossus%26api-tier%3d1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=34&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Colossus&api-tier=1&uid=4ff280b4-ccca-4802-984b-a28963753e9a
Request Chain 273
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0&_cvt=t HTTP 302
  • https://cks.connatix.com/cks?pid=1&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=SundaySky&api-tier=1&uid=d6.0c41150b2c8b46f2b8f09b92b071c3d9
Request Chain 274
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d35%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dResetDigital%26api-tier%3d1%26uid%3D%24USER_ID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=35&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=ResetDigital&api-tier=1&uid=000001111AEF1D75
Request Chain 276
  • https://sync.go.sonobi.com/us?loc=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d43%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dSonobi%26api-tier%3d1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=43&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Sonobi&api-tier=1&uid=4c45ded7-0750-4102-8166-76edcf238ee4
Request Chain 277
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d29%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dAdelphic%26api-tier%3d1%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=29&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Adelphic&api-tier=1&uid=2614e276-f9cb-4563-921d-53cf34d28197
Request Chain 278
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26DemandPartnerName%3dOpenX%26tier%3d1%26DemandPartnerUserId%3d HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=8b22f0bd8f2445f586e9bdb7b722bc5c&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=6a3162d2-15e4-0041-1964-0a9d2887a9f1
Request Chain 280
  • https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=OGIyMmYwYmQ4ZjI0NDVmNTg2ZTliZGI3YjcyMmJjNWM&extra1=8b22f0bd8f2445f586e9bdb7b722bc5c&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport
Request Chain 330
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dyHsdt19wZ2o3TXBKWFolMkJOWVVuaWdhTDhiOEY2YVFkd3dsejc1dTdoeWxnMHo5YnMlM0Q%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy=1YNN HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=yHsdt19wZ2o3TXBKWFolMkJOWVVuaWdhTDhiOEY2YVFkd3dsejc1dTdoeWxnMHo5YnMlM0Q&u=AABSyE7KE08AABXBedE9gw&us_privacy=1YNN
Request Chain 331
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=d8Qx-F9kdWJsSEJMRmVLZDh2OTIxWXhOd2ttaXpOM3N3OXNCSzB6Y0tnS1hTakZVJTNE&gdpr=&gdpr_consent=&us_privacy=1YNN&cr_user_id=k-znmBCJVnWfb5v_tOnFph_0kkIK0uDMoab9ySzw HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-znmBCJVnWfb5v_tOnFph_0kkIK0uDMoab9ySzw&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=d8Qx-F9kdWJsSEJMRmVLZDh2OTIxWXhOd2ttaXpOM3N3OXNCSzB6Y0tnS1hTakZVJTNE&u=3665747f-ad52-4ec2-90c3-53acd2e2f29c
Request Chain 332
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dmb8n7F9NT3pUdW5palN5OHhaWmFEZ0JIODJmdjA0bVVycUxveUdZUXR6d2tIZEFJJTNE%26u%3d%3cTUID%3e&gdpr=&consent=&ccpa=1YNN HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=mb8n7F9NT3pUdW5palN5OHhaWmFEZ0JIODJmdjA0bVVycUxveUdZUXR6d2tIZEFJJTNE&u=c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
Request Chain 339
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=3665747f-ad52-4ec2-90c3-53acd2e2f29c&google_hm=MzY2NTc0N2YtYWQ1Mi00ZWMyLTkwYzMtNTNhY2QyZTJmMjlj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEJtRxRn58IHQETxWw8Vpl0&google_cver=1&ssp=sonobi&bsw_param=3665747f-ad52-4ec2-90c3-53acd2e2f29c HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 340
  • https://thrtle.com/insync?vxii_pid=10072&vxii_pdid=4c45ded7-0750-4102-8166-76edcf238ee4 HTTP 302
  • https://thrtle.com/insync?vxii_pdid=4c45ded7-0750-4102-8166-76edcf238ee4&vxii_pid=12&vxii_pid1=10072&vxii_rcid=b118a5f0-c43f-4d73-bee0-376bb490e24b
Request Chain 342
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4c45ded7-0750-4102-8166-76edcf238ee4 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De1bcbec7-523a-459a-8da1-fcef22f02ef7%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6004480877952621289&pt=e1bcbec7-523a-459a-8da1-fcef22f02ef7%2C%2C
Request Chain 345
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=d089631d2d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=82b67018-7d76-4fb5-9b12-469927ce73b2&pubid=d089631d2d
Request Chain 346
  • https://idsync.rlcdn.com/711892.gif?partner_uid=4c45ded7-0750-4102-8166-76edcf238ee4 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=833aff72e406fb782560e05d3ef932f9a6b4f23cdfacc0191d8fe057f11b1122791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=833aff72e406fb782560e05d3ef932f9a6b4f23cdfacc0191d8fe057f11b1122791426b5417dce21&rand=06012780
Request Chain 347
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=4c45ded7-0750-4102-8166-76edcf238ee4&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=c3ZZX29wOUtNZVJseG5tQmUwUkU0QQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEP5AvkdEmAv9qPt7ayYDEN0&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=mHb9MxhElbck
Request Chain 348
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=4c45ded7-0750-4102-8166-76edcf238ee4 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=4c45ded7-0750-4102-8166-76edcf238ee4
Request Chain 349
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=0d26ae77-6dac-0aa1-2c4d-a0879e3a83ca
Request Chain 350
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=4c45ded7-0750-4102-8166-76edcf238ee4&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=4c45ded7-0750-4102-8166-76edcf238ee4&sInitiator=external
Request Chain 351
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-V.Jf8TtE2uEqSIhIBpf2SCTHUywwESxXwePyato-~A
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NGM0NWRlZDctMDc1MC00MTAyLTgxNjYtNzZlZGNmMjM4ZWU0 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESECdODFpmou7qCajxtPKc_5Q&google_cver=1
Request Chain 353
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=2929301841228134313336
Request Chain 356
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=4c45ded7-0750-4102-8166-76edcf238ee4&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=9a8c4d0b-1fd3-48ce-9f2c-60465c51989a
Request Chain 359
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=43ff3c35-f210-472d-8f57-4774d043c806
Request Chain 360
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=50e9ac084d244783a9ac084d24c78341
Request Chain 361
  • https://id5-sync.com/s/434/9.gif?puid=4c45ded7-0750-4102-8166-76edcf238ee4&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=4c45ded7-0750-4102-8166-76edcf238ee4&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/796/8/2.gif?puid=2614e276-f9cb-4563-921d-53cf34d28197&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/7/3.gif?puid=e1bcbec7-523a-459a-8da1-fcef22f02ef7&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/6/4.gif?puid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/5/5.gif?puid=u_127b9e15-6fec-4b46-8749-7842a0f0127f&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/4/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/2/4/6.gif?puid=6004480877952621289&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F3%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/3/7.gif?puid=2101faaa-8bdf-4080-a6a1-d4b63334a6a2&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AABSyE7KE08AABXBedE9gw&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AABSyE7KE08AABXBedE9gw&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1241%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AABSyE7KE08AABXBedE9gw&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1241%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
  • https://id5-sync.com/c/434/1241/1/9.gif?puid=HWPfiRZHLE13_QiPRl2H0AHU&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=6004480877952621289&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1246/0/10.gif?puid=HWPfiRZHLE13_QiPRl2H0AHU&gdpr=0&gdpr_consent=
Request Chain 363
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 364
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=6004480877952621289
Request Chain 365
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1783777325356003384
Request Chain 366
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=ASN4OZWLYH6qfn68Hrab&pi=sonobi
Request Chain 367
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=82b67018-7d76-4fb5-9b12-469927ce73b2&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 368
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyOTMwMTg0MTIyODEzNDMxMzMzNg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG_jUlzM1KkD-vqj6ZdAJkk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 370
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyOTMwMTg0MTIyODEzNDMxMzMzNg%3D%3D
Request Chain 372
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2929301841228134313336?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-S563JQ9E2oRbtdSc4oMd0oqVYWJVc.PKL6VVrx_wyA--~A&dongle=0883
Request Chain 374
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2929301841228134313336&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=b3ad9a4a-198f-43ce-928b-fa9b4088c476&ssp=triplelift&expires=30&user_group=5&bsw_param=3665747f-ad52-4ec2-90c3-53acd2e2f29c HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 375
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=2101faaa-8bdf-4080-a6a1-d4b63334a6a2&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 376
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6004480877952621289&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 381
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6004480877952621289&gdpr=0&gdpr_consent=
Request Chain 382
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCU3lFN0tFMDhBQUJYQmVkRTlndw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABSyE7KE08AABXBedE9gw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2457807864703770449&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABSyE7KE08AABXBedE9gw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2457807864703770449%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2457807864703770449&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABSyE7KE08AABXBedE9gw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABSyE7KE08AABXBedE9gw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2457807864703770449%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2457807864703770449&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSyE7KE08AABXBedE9gw&gdpr=0
Request Chain 383
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQmnaAARlMmTaAAb
Request Chain 385
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9d8d946a-56f3-11ee-8af4-6e5154bc90cf
Request Chain 386
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wzGnbpQzom7YPKc2xjK6Z8cwoDHYPfM0lzO9c0S3
Request Chain 392
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6c06099102c1310&is_secure=true&networkId=17100&version=1&nuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALymlFxLFK9QNDixQQAAAAAAA&expiration=1695217881&nuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 393
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2614e276-f9cb-4563-921d-53cf34d28197&gdpr=0&gdpr_consent=
Request Chain 394
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0&gdpr_consent=
Request Chain 396
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6004480877952621289
Request Chain 398
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZQmnWQAOVyVQXgA4 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQmnWQAOVyVQXgA4&_test=ZQmnWQAOVyVQXgA4
Request Chain 399
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=9d8d946a-56f3-11ee-8af4-6e5154bc90cf
Request Chain 400
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZQmnVqk7MV794SIGn2VaigAA%261655&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
Request Chain 402
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5904f73c-dda8-47cb-bd0e-4b7458357fab&expiration=1726753881
Request Chain 404
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2929301841228134313336
Request Chain 405
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=9fd59dba-05e7-0e47-3cf9-69b43d570002
Request Chain 406
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=276e7954-d5a6-4722-84d7-5af92c52e11e
Request Chain 408
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=3665747f-ad52-4ec2-90c3-53acd2e2f29c
Request Chain 409
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2457807864703770449
Request Chain 410
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LMQDINP9-12-6QC4&gdpr=0
Request Chain 414
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 415
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-nY4QBKbV1VBZ9n4Y1Fx5CaEdko&gdpr=0&gdpr_consent=
Request Chain 416
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0uGLMbaw1QIB8o5&gdpr=0&gdpr_consent=
Request Chain 417
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=5904f73c-dda8-47cb-bd0e-4b7458357fab&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Request Chain 418
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777325356003384
Request Chain 421
  • https://idsync.rlcdn.com/712188.gif?partner_uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f3cd6d13-713f-0bce-080c-29528597a357
Request Chain 424
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5d3a4360-c386-4183-80c2-ab45771c25f5&expires=1&user_group=2&ssp=pubmatic&bsw_param=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 426
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4038167191623545769&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 427
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10940CEF7_4EBD3BC3&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 428
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8032832714304770988
Request Chain 431
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 432
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa8db507c5a5c4c0eb726e8ce08e02c85
Request Chain 433
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Request Chain 434
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=829426950637
Request Chain 435
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 436
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uy90B5zCAEWTTGqJXacJZQ
Request Chain 437
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1695131485046 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4489564387 HTTP 302
  • https://sync.1rx.io/usersync/turn/4038167191623545769?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005
Request Chain 441
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308 HTTP 303
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&_li_chk=true&previous_uuid=c3c9e8bac5d54e859aaa06c8be9dd1bf HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c3c9e8ba-c5d5-4e85-9aaa-06c8be9dd1bf HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b88c4f4f-d1e2-4342-804f-677cb69ca377%3A1695131486.1698945&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Db88c4f4f-d1e2-4342-804f-677cb69ca377%253A1695131486.1698945%26pid%3D500040%26it%3D1%26iv%3Db88c4f4f-d1e2-4342-804f-677cb69ca377%253A1695131486.1698945%26_%3D1695131486.174504&cb=1695131486.1745577 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1783777325356003384&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Db88c4f4f-d1e2-4342-804f-677cb69ca377%253A1695131486.1698945%26pid%3D500040%26it%3D1%26iv%3Db88c4f4f-d1e2-4342-804f-677cb69ca377%253A1695131486.1698945%26_%3D1695131486.174504 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=b88c4f4f-d1e2-4342-804f-677cb69ca377%3A1695131486.1698945&pid=500040&it=1&iv=b88c4f4f-d1e2-4342-804f-677cb69ca377%3A1695131486.1698945&_=1695131486.174504 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1695131486.174504&iv=b88c4f4f-d1e2-4342-804f-677cb69ca377:1695131486.1698945
Request Chain 443
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:7E1BF2AF-62C2-418E-A3AA-D101FB5B4308 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=9fc71491-56f3-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Request Chain 444
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6004480877952621289
Request Chain 447
  • https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3RY4877dd47k2vCTamAM&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Request Chain 448
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=82b67018-7d76-4fb5-9b12-469927ce73b2
Request Chain 449
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZQmnVqk7MV794SIGn2VaigAA%261655
Request Chain 451
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?uid=AABSyE7KE08AABXBedE9gw&bidder=beeswax
Request Chain 453
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7484178861028887040&uid=Q7484178861028887040&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7484178861028887040
Request Chain 454
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E69D8D1ECFEA418DA3FD1181D44F5557&gdpr=0&gdpr_consent=
Request Chain 456
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjZicEZsM244Zi1USk9ycWxqaDkwbDh6Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8032832714304770988&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 458
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 459
  • https://pixel.onaudience.com/?partner=214&mapped=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=82b67018-7d76-4fb5-9b12-469927ce73b2&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=b60ac3d16118f52c HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=b60ac3d16118f52c HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=82b67018-7d76-4fb5-9b12-469927ce73b2&bid=1e2n4ou
Request Chain 460
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cbb7322a-159c-4c6e-9497-16d6392ff5be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 461
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6004480877952621289
Request Chain 463
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=1bd1cf5340102130&is_secure=true&version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAHSY492sOpRgNZc3KLAAAAAAA&expiration=1695217887
Request Chain 464
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=22e825ee-ba28-c07c-b42d-774b88e93070&us_privacy=pbs-ozone
Request Chain 465
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=c0362520-7da2-4ac9-84d5-fbbc3f29d884&gdpr=0
Request Chain 466
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-V.Jf8TtE2uEqSIhIBpf2SCTHUywwESxXwePyato-~A&gdpr=0
Request Chain 467
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=4b8c12c3-2316-455e-b2fe-e349d5a4d07b
Request Chain 468
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=HWPfiRZHLE13_QiPRl2H0AHU

467 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hunter-biden-sues-irs-taxes
www.theguardian.com/us-news/2023/sep/18/ 		281 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0f9b84dd692284b63f0a0a596fd6f682b1bc24f263b313ef4cc10a89d0d2b7d
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri https://*.gracenote.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2012
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private,no-transform
content-encoding
gzip
content-length
46385
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri https://*.gracenote.com
content-type
text/html; charset=UTF-8
date
Tue, 19 Sep 2023 13:51:12 GMT
etag
W/"hash-2460868243528734342"
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
link
<https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true>; rel=prefetch,<https://assets.guim.co.uk/assets/frameworks.web.3c870acd254123292ad1.js?http3=true>; rel=prefetch,<https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true>; rel=prefetch,<https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true>; rel=prefetch,,<https://assets.guim.co.uk/>; rel=preconnect,<https://i.guim.co.uk>; rel=preconnect,<https://j.ophan.co.uk>; rel=preconnect,<https://ophan.theguardian.com>; rel=preconnect,<https://api.nextgen.guardianapps.co.uk>; rel=preconnect,<https://hits-secure.theguardian.com>; rel=preconnect,<https://interactive.guim.co.uk>; rel=preconnect,<https://phar.gu-web.net>; rel=preconnect,<https://static.theguardian.com>; rel=preconnect,<https://support.theguardian.com>; rel=preconnect
onion-location
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=()
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-gu-dotcomponents
true
x-gu-edition
us
x-gu-frontend-git-commit-id
303ca41ae9289df40dc05bbfead6875203fc507e
x-timer
S1695131472.866993,VS0,VE134
x-xss-protection
1; mode=block
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		0
943 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
age
165521
detected-user-agent
Chrome/117.0.0
x-cache
HIT
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
useragent_normaliser
chrome/117.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
content-length
148
x-served-by
cache-mia-kmia1760035-MIA
referrer-policy
origin-when-cross-origin
last-modified
Sun, 17 Sep 2023 15:01:07 GMT
x-timer
S1695131472.034370,VS0,VE1
fastly_service_version
228
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/117.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
frameworks.web.3c870acd254123292ad1.js
assets.guim.co.uk/assets/ 		0
21 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/frameworks.web.3c870acd254123292ad1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
jdbd8IXjlqQWy6NytajSRqNs19_jlMv1
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
BQ9K8X73P1RXSVMG
age
2329492
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/frameworks.web.3c870acd254123292ad1.js?http3=true
fastly-restarts
1
x-amz-id-2
SVVEK+6jnCcxjRdT0qfhllZzngD/6HPELrS4/cnBm/Y53d/ahgGWHuPCwH8KNGbRMMXe2WBWxTQnEZl+QQORLg==
x-served-by
cache-mia-kmia1760035-MIA
content-length
20798
last-modified
Wed, 23 Aug 2023 14:43:35 GMT
server
AmazonS3
x-timer
S1695131472.034247,VS0,VE0
etag
"7b5425886a24c75dac61d555210988ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
90
index.web.0a98fca6c89ffd1c0cf1.js
assets.guim.co.uk/assets/ 		0
37 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
w7wVAZNg4bWl1A5bEgMFu3yOMgYCUFqW
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
NGZTTMHJF85WE6GB
age
17956
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
fastly-restarts
1
x-amz-id-2
3LaowF9Wvfayu3+qIqC/9A3MPJlebXl0rWIhXJnnYNmueS9AxTqRsKDJNsHLX4vIFOOaFlns82s=
x-served-by
cache-mia-kmia1760035-MIA
content-length
37925
last-modified
Tue, 19 Sep 2023 08:50:05 GMT
server
AmazonS3
x-timer
S1695131472.156922,VS0,VE0
etag
"94c4fddec9a60899c5958fa32e004d45"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
92
graun.standalone.commercial.js
assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/ 		0
83 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Mw_sMPBm062V.DsDhvLbq_PxLs8OuGBE
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
CYZA17XDSGJNPS2K
age
616491
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
fastly-restarts
1
x-amz-id-2
0lQGhkhMVyFWISiReaEEfoxkDPt3OBBlE0qb8SpjcQ4wj+EaQSc//+3LyothCRbJ+8uTskLEZrQ=
x-served-by
cache-mia-kmia1760035-MIA
content-length
84600
last-modified
Tue, 12 Sep 2023 10:33:44 GMT
server
AmazonS3
x-timer
S1695131472.156652,VS0,VE0
etag
"036ae9b0bda976713b9d2c3276b5e600"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
4731
GHGuardianHeadline-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
cZB.5DOXNYvF_6or5.utmjVZGw4SnT9B
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
Q6R5YCP7Y8EZEF35
age
19086598
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2?http3=true
fastly-restarts
1
x-amz-id-2
SsiA66VsSc+IYoLKMT61ReAyA7ajFsQlWsBtOpL2blr6yYGLA0oJ5OpZHIOJQVC46r8oC3o9Wec=
x-served-by
cache-mia-kmia1760028-MIA
content-length
16492
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1695131472.091461,VS0,VE0
etag
"f5d54732577509c40f5a5a47f47aeab5"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
4812
GuardianTextEgyptian-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
NppmnaNT0.flIJWpyurLSQmcrEPnbJ4q
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
6NDRY6KSVNSY6C7D
age
19086582
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2?http3=true
fastly-restarts
1
x-amz-id-2
AxGhM+MSQwN5ZROpPmm5dxrODR1wmN9O+3nInmA9hdNxXjI3/A8F6uFQ9voyabmzuI1hCZZKjcs=
x-served-by
cache-mia-kmia1760028-MIA
content-length
16792
last-modified
Fri, 10 Feb 2023 15:45:04 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1695131472.091462,VS0,VE0
etag
"66184690aa8f829b88f8d7b855ec63fd"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
4735
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		165 B
911 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8cc976057d7908db684c2cbfad74dca2dd3847d35f93b98e9daa0579d8a661be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
age
165521
detected-user-agent
Chrome/117.0.0
x-cache
HIT
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
useragent_normaliser
chrome/117.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
content-length
148
x-served-by
cache-mia-kmia1760035-MIA
referrer-policy
origin-when-cross-origin
last-modified
Sun, 17 Sep 2023 15:01:07 GMT
x-timer
S1695131472.156463,VS0,VE0
fastly_service_version
228
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/117.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
frameworks.web.3c870acd254123292ad1.js
assets.guim.co.uk/assets/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/frameworks.web.3c870acd254123292ad1.js?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3571b492bfaa7304b220cc51f34a11ca45fbe9b0f8ab6435d1d682bea60cd25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
jdbd8IXjlqQWy6NytajSRqNs19_jlMv1
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
BQ9K8X73P1RXSVMG
age
2329491
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/frameworks.web.3c870acd254123292ad1.js?http3=true
fastly-restarts
1
x-amz-id-2
SVVEK+6jnCcxjRdT0qfhllZzngD/6HPELrS4/cnBm/Y53d/ahgGWHuPCwH8KNGbRMMXe2WBWxTQnEZl+QQORLg==
x-served-by
cache-mia-kmia1760028-MIA
content-length
20798
last-modified
Wed, 23 Aug 2023 14:43:35 GMT
server
AmazonS3
x-timer
S1695131472.091853,VS0,VE0
etag
"7b5425886a24c75dac61d555210988ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
102
index.web.0a98fca6c89ffd1c0cf1.js
assets.guim.co.uk/assets/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1322f79d4f101c5479d6e213b5cc2811743b506f029a464916794bdf39790d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
w7wVAZNg4bWl1A5bEgMFu3yOMgYCUFqW
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
NGZTTMHJF85WE6GB
age
17956
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
fastly-restarts
1
x-amz-id-2
3LaowF9Wvfayu3+qIqC/9A3MPJlebXl0rWIhXJnnYNmueS9AxTqRsKDJNsHLX4vIFOOaFlns82s=
x-served-by
cache-mia-kmia1760028-MIA
content-length
37925
last-modified
Tue, 19 Sep 2023 08:50:05 GMT
server
AmazonS3
x-timer
S1695131472.091846,VS0,VE0
etag
"94c4fddec9a60899c5958fa32e004d45"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
90
graun.standalone.commercial.js
assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/ 		271 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
526aed0eb9e964bb2824955f92116a1e4648d8540bf556ed123e3d6ec126c5fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Mw_sMPBm062V.DsDhvLbq_PxLs8OuGBE
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
CYZA17XDSGJNPS2K
age
616491
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
fastly-restarts
1
x-amz-id-2
0lQGhkhMVyFWISiReaEEfoxkDPt3OBBlE0qb8SpjcQ4wj+EaQSc//+3LyothCRbJ+8uTskLEZrQ=
x-served-by
cache-mia-kmia1760035-MIA
content-length
84600
last-modified
Tue, 12 Sep 2023 10:33:44 GMT
server
AmazonS3
x-timer
S1695131472.156494,VS0,VE0
etag
"036ae9b0bda976713b9d2c3276b5e600"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
4730
print.css
assets.guim.co.uk/static/frontend/css/ 		81 B
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/css/print.css
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da22a2e4326e5cc0595a7e7cb5ebd68492896f1660e1ee116e3af32ad6aeccce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Nf9CM1LQyPL9SSsWH.5NlwQ3.9dsSQOd
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
0SFEF8R1DZP5JMAT
age
19813735
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/css/print.css
fastly-restarts
1
x-amz-id-2
zRPfmqZsE0kQpukVBvDYikymj8hb61qRg4hcY7UIP0RgcjBXL45WtPyLuvA1mDuSjFefhR8rz9o=
x-served-by
cache-mia-kmia1760035-MIA
content-length
91
last-modified
Wed, 01 Feb 2023 11:36:43 GMT
server
AmazonS3
x-timer
S1695131472.156422,VS0,VE0
etag
"db34472656eebc5c36590124014292c0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1865
GuardianTextSans-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
tKKp.XjpprpAViNnE3ezgGnqSJ6ReAZm
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
6BQ4636DKVBWRHND
age
19086675
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2?http3=true
fastly-restarts
1
x-amz-id-2
YlPZGIiS6T+bJ4UxKPq6M4ZrhbwX6unKS3mkkm/GxSl7n9orSoh39mPLY23DyectSutX5I4G0JY=
x-served-by
cache-mia-kmia1760028-MIA
content-length
15416
last-modified
Fri, 10 Feb 2023 15:45:12 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1695131472.091234,VS0,VE0
etag
"5c9af23772b65de0d3f1fb8638c196b4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
12116
GuardianTextSans-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Msu4H0RN5fNTmFpmsaDu.cipueaXmWBh
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
BSSA2PE6T0PS5S6B
age
19086680
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2?http3=true
fastly-restarts
1
x-amz-id-2
We2oZa1gRq+DUB+KUMfYvDIomP5ieBh+PeXWid+A3xB/mXDEiuKYfjDeK16CtRYscRZIl1VXS4c=
x-served-by
cache-mia-kmia1760028-MIA
content-length
17376
last-modified
Fri, 10 Feb 2023 15:45:11 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1695131472.091864,VS0,VE0
etag
"227b6e4f26bef19d8f2815f6097b7b7c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
4933
GHGuardianHeadline-Light.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
tM62LOrdLaMKn7SwsykFpyDsGOAwuAG3
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
5R1HQEKB75WNDBVC
age
19086545
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2?http3=true
fastly-restarts
1
x-amz-id-2
2463d31vlX4tluPuCJaj4C7a+SZOtU9xTLE/Hr/Nj1YAu0qzSXy/DoS1PfqxWLQ0S8snhF2iKaM=
x-served-by
cache-mia-kmia1760028-MIA
content-length
15764
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1695131472.091223,VS0,VE0
etag
"5acde69d26abfad0f3ef938733057577"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
86
2305.jpg
i.guim.co.uk/img/media/0429798330f581c36384ed799cd9ee51e3a2c8cc/0_117_2305_1383/master/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/0429798330f581c36384ed799cd9ee51e3a2c8cc/0_117_2305_1383/master/2305.jpg?width=620&dpr=1&s=none
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6d9c910a05942fd11acdd9d398ea0c921cef636ce65594ddf68c28d8d0f5b42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish, 1.1 varnish
age
83417
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
fastly-io-info
ifsz=658342 idim=2305x1383 ifmt=jpeg ofsz=8212 odim=620x372 ofmt=avif
fastly-stats
io=1
x-amz-meta-bounds-y
117
content-length
8212
x-served-by
cache-lcy-eglc8600058-LCY, cache-mia-kmia1760035-MIA
server
AmazonS3
x-timer
S1695131472.119927,VS0,VE1
etag
"lAx8xe4d4RWzczlDxxw1gn+uOi22lyiN1JGyJcDGQMQ"
x-amz-meta-bounds-height
1383
x-amz-meta-bounds-width
2305
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
0, 1
GHGuardianHeadline-Medium.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
HHIQ3WeGDwVAN5VSRXOfuICG.s7kCaes
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
M3GP9MG4XGDA1NTG
age
19086568
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2?http3=true
fastly-restarts
1
x-amz-id-2
oK7UEkXFIfROVpDESEehD0P81v2mf4jTEbawxk+ZrSZ/FmH1K7pGV96w19Ve360ZXw5L827vDZs=
x-served-by
cache-mia-kmia1760028-MIA
content-length
16612
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1695131472.120672,VS0,VE0
etag
"08f5422d28aa5861fac0170cef914db8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
710
GuardianTextEgyptian-RegularItalic.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-RegularItalic.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1da416a71b864e9a36112077810f09dbd481ec020b6112ee80d52d394084a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
pDd52OH9i9PjnnqIjURI43Cp_zy7T1Lh
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
Y6JHRQG2D5D1NTRK
age
19086624
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-RegularItalic.woff2?http3=true
fastly-restarts
1
x-amz-id-2
MpUMDXjzvFOYRXLNBdSnSEGB8OcMXzMsOFPo62PiLXFxiicSjXkCOM1RTydC3lMg7mt/ccdPcTk=
x-served-by
cache-mia-kmia1760028-MIA
content-length
17836
last-modified
Fri, 10 Feb 2023 15:45:04 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1695131472.198214,VS0,VE0
etag
"56b80ffcda5838d0e6f48aa0afbf42cb"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
142
GHGuardianHeadline-MediumItalic.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
aOcyf0Rw_c_KHyqgDfMRZ62nHs_3ToNn
date
Tue, 19 Sep 2023 13:51:12 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
V3FEGEEJFZ4XCTWA
age
19086633
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2?http3=true
fastly-restarts
1
x-amz-id-2
YPJUqADMMyuVG42vm7tP4sAdKNOYx65lT88e2n8Se/N44DnIcETAFpHm59RrcTZRHBER8a81ImQ=
x-served-by
cache-mia-kmia1760028-MIA
content-length
19052
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1695131472.198294,VS0,VE0
etag
"f1117595ec5a2cf9f3a9834f42e5fd08"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
4301
SetABTests-importable.web.9b8a52a408f69629a69e.js
assets.guim.co.uk/assets/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SetABTests-importable.web.9b8a52a408f69629a69e.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acdedcb326dbad1f93ec6b1c0cd168678577bcde6f8ae1e936444e515bf63c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
4mj0gC9Os6H0lhCzjKxstCFLuNxi5WL_
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD24X4SQYWYZRQK
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SetABTests-importable.web.9b8a52a408f69629a69e.js
fastly-restarts
1
x-amz-id-2
t/2rBkAkPDrNm2l52cP/nAuqXPV3jQ0kjyJ8BLjc0Nm9USpa7cH9tlQHTHRorXvENDVV3a0g/Ww=
x-served-by
cache-mia-kmia1760035-MIA
content-length
3928
last-modified
Fri, 15 Sep 2023 11:24:31 GMT
server
AmazonS3
x-timer
S1695131472.285728,VS0,VE0
etag
"c5e1ab88f95569406ee6ec04f47c0b78"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1218
SetAdTargeting-importable.web.08476d7e4387833c2111.js
assets.guim.co.uk/assets/ 		865 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SetAdTargeting-importable.web.08476d7e4387833c2111.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49825a9d07159d14e425df0057c44159dfcd9732cb17ed20abac8b45e51fb81a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
LyjU1A.1066ApLpVgVTEFErDJXdcFB5A
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
NPEMYMBQVMASC0SE
age
354282
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SetAdTargeting-importable.web.08476d7e4387833c2111.js
fastly-restarts
1
x-amz-id-2
KmYf+tzRzPDlw51ZH2P/M2F2LNiM4bNrUrhdfFQUjmK6mw8QgrI6aVf5B0IALiMWYt0V5nqserg7LmKpcNsG6Q==
x-served-by
cache-mia-kmia1760035-MIA
content-length
540
last-modified
Fri, 15 Sep 2023 11:24:32 GMT
server
AmazonS3
x-timer
S1695131472.286354,VS0,VE0
etag
"3ca4c8d5c86f3dbd752d95593ffb2daf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
76
9568.web.6aae7554d5adf4a078f0.js
assets.guim.co.uk/assets/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/9568.web.6aae7554d5adf4a078f0.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75370d4c5c51601c515f1cb46fdea912e1a8739c2e30425fa6978d793ef5a3ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
PCp6kAeNn7RabdJ.wbAwkNJkaQX8W5jd
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
1TZPJ2KVWZ333FZY
age
354248
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/9568.web.6aae7554d5adf4a078f0.js
fastly-restarts
1
x-amz-id-2
8MkZzzgVcGmegVF7IfwgZgA+DRKl6mN9slsRmDj9WVh/GEDRph47vEPpeBMGcTMg+0qoUIrAbfM=
x-served-by
cache-mia-kmia1760035-MIA
content-length
5370
last-modified
Fri, 15 Sep 2023 11:24:30 GMT
server
AmazonS3
x-timer
S1695131472.287203,VS0,VE0
etag
"0a5b211c87d9661695b8cde6f7065e94"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
73
HeaderTopBar-importable.web.81e8586941e617914acc.js
assets.guim.co.uk/assets/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/HeaderTopBar-importable.web.81e8586941e617914acc.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acf6d8bcb76ed037c2262bc9819dcdfbde9b080b77fe83530899c9eba8e743b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Np7IHQ2gIqc7IYYhZJ..28WrJEAzp2QL
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD7FEPQCCP8269E
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/HeaderTopBar-importable.web.81e8586941e617914acc.js
fastly-restarts
1
x-amz-id-2
cpksSkgxZcPv8jG3BjPkecbIZ31KbAba2wNMWsBnU2nIFbeHIqx8k/g9XCP0vVr1cEr+xfm5sk0=
x-served-by
cache-mia-kmia1760035-MIA
content-length
10875
last-modified
Fri, 15 Sep 2023 11:24:28 GMT
server
AmazonS3
x-timer
S1695131472.287454,VS0,VE0
etag
"d49d694638a4cbca45f5f40b32837f17"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1187
1987.web.b0d05fdd44ae133e1650.js
assets.guim.co.uk/assets/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/1987.web.b0d05fdd44ae133e1650.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3dfd52302c57f0c4900abbaec57f31089de90b5b05c0abaad2ed7b30be729db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
yKJpx0NnXhv943077E_q_BjDDJFUmlNZ
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
NPENMEXQZTMVPW22
age
354282
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/1987.web.b0d05fdd44ae133e1650.js
fastly-restarts
1
x-amz-id-2
lbolrGTFqfDTWEqhzOivmTdwFEeMbMcZY/YtDFYB0Pk5AIvSNefyeIk3uAilvhKmdOngVHrBsw2wvHb3Tmztyw==
x-served-by
cache-mia-kmia1760035-MIA
content-length
3126
last-modified
Fri, 15 Sep 2023 11:24:20 GMT
server
AmazonS3
x-timer
S1695131472.288693,VS0,VE0
etag
"bf5d8b078165f0c73950c86dd4a9afaf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
77
1635.web.aa5094f17f9a9ff4d339.js
assets.guim.co.uk/assets/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/1635.web.aa5094f17f9a9ff4d339.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82b4916d5cae8f0865d9763c14701576c3019e9316f4c00f35a31551c80cc574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
STCO8rFbVMGaOPovWziRiuc.bMOnQpcL
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PQ06SARAQCXMTQ29
age
354165
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/1635.web.aa5094f17f9a9ff4d339.js
fastly-restarts
1
x-amz-id-2
xobYz3DxIo/w5FCV0k86JXaDntG0BYkDfVk/gUPKKRlnK9L6s0vnqC11xams9otSp+e52A81VDk=
x-served-by
cache-mia-kmia1760035-MIA
content-length
2220
last-modified
Fri, 15 Sep 2023 11:24:24 GMT
server
AmazonS3
x-timer
S1695131472.288977,VS0,VE0
etag
"0a56ccbb0010932587743c76efec4783"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
75
2878.web.71165c81d0a5994316f0.js
assets.guim.co.uk/assets/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/2878.web.71165c81d0a5994316f0.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7d92354ef95b65d39e9d09e392e4b96ecc7e325afdccbf6abee2e5673c5d89d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
6iu7BU3DWDlIMRiEOqLwcMtEMHMjZepR
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
NPKXA0MK5E9W8EDF
age
354223
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/2878.web.71165c81d0a5994316f0.js
fastly-restarts
1
x-amz-id-2
1C71cq9d5enO4ZEMtZ2MeKlTL68CBYPpMuJKCcfXDcc8t9t8mGXuWLcGMaGBotJdggIfPmtRT64=
x-served-by
cache-mia-kmia1760035-MIA
content-length
7077
last-modified
Fri, 15 Sep 2023 11:24:21 GMT
server
AmazonS3
x-timer
S1695131472.289069,VS0,VE0
etag
"5b4812cc69c5b26f2b16c661b9652dc7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
77
SignInGateSelector-importable.web.8ae80845f2479133290e.js
assets.guim.co.uk/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SignInGateSelector-importable.web.8ae80845f2479133290e.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfc5b34aae74af6e91911ecd40b00d8be71e3385dc1c823c026f845142ba9ef1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
jtN0L_pDlnzltIm4c.neFnwPiRMOHOYr
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCDFG3Q6HAJWFTAZ
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SignInGateSelector-importable.web.8ae80845f2479133290e.js
fastly-restarts
1
x-amz-id-2
947sw2Ja5HFUbR92qh/9I0m0fLFzF4SWZBQFNaI6p3RjAItCj2STR6xKO0YzVUfErkdyfPJulRE=
x-served-by
cache-mia-kmia1760035-MIA
content-length
1648
last-modified
Fri, 15 Sep 2023 11:24:22 GMT
server
AmazonS3
x-timer
S1695131472.289347,VS0,VE0
etag
"baa636a4e89008bae6fcea798e50ffd5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1104
7493.web.2d1cd2dda6dbdcf2c0fb.js
assets.guim.co.uk/assets/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/7493.web.2d1cd2dda6dbdcf2c0fb.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
366fc428538672ec209c6f3b7baee44aced7059bb1a84742a693037520539ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
t49aobUav5UUcNi107y_dt6ZYZmUhhe.
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD6AYD938CWEVA4
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/7493.web.2d1cd2dda6dbdcf2c0fb.js
fastly-restarts
1
x-amz-id-2
RNnmaJQb7dyhOZz27YQqFrY/cdQBV+ZaZXqzImztJpu58s7KDIoE0FMYYE+3jfX9MxHqFqGIss8=
x-served-by
cache-mia-kmia1760035-MIA
content-length
5794
last-modified
Fri, 15 Sep 2023 11:24:27 GMT
server
AmazonS3
x-timer
S1695131472.290422,VS0,VE0
etag
"844bf93097769e964fae297627f94c87"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1210
4237.web.ccf087935bdf0978e107.js
assets.guim.co.uk/assets/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/4237.web.ccf087935bdf0978e107.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b6819dbce4b028da82d34071389fc29ce60c6c242861522bb0be83e1994159f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
kXdz9AHdKg1xV4zJppK_hbBbWFGmxkHQ
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
8ZR1PDQNYT34B06R
age
18240
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/4237.web.ccf087935bdf0978e107.js
fastly-restarts
1
x-amz-id-2
pF3+ZDXs2EOjds/tGEOxnLkVJzGJR12aJ6imV9H5nmSqlCqjWcAIOR0AFewBsou4sETGcOXrjkM=
x-served-by
cache-mia-kmia1760035-MIA
content-length
3647
last-modified
Tue, 19 Sep 2023 08:38:15 GMT
server
AmazonS3
x-timer
S1695131472.292559,VS0,VE0
etag
"0f19d701d5abb5a6693a7ee20ee29f0d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
69
866.web.66112aaac37ef76c104e.js
assets.guim.co.uk/assets/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/866.web.66112aaac37ef76c104e.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
432eddcd91b613348120103186872d143fc3ff689ce3b690b81fa4f548d45a50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
DSQvxUDu_L22_GtZkdEDGRCY.T5wYdM.
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD3X8VXWVY7KJ2K
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/866.web.66112aaac37ef76c104e.js
fastly-restarts
1
x-amz-id-2
cP5j6Uuk80w6AgFsJwzBYdx+H7X4jU6Jbt9EofvQ/ht7QDTFzcNnqHjxVFCyiIxcw/VIcbGoEME=
x-served-by
cache-mia-kmia1760035-MIA
content-length
3961
last-modified
Fri, 15 Sep 2023 11:24:28 GMT
server
AmazonS3
x-timer
S1695131472.312137,VS0,VE0
etag
"a2ecf015438db75a2b5b8f34076fc58e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1210
SlotBodyEnd-importable.web.a975002dc589f54c11b9.js
assets.guim.co.uk/assets/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SlotBodyEnd-importable.web.a975002dc589f54c11b9.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dde8dc33fa401d1c466a07346b862f35fc5e5c5335bd52f08913593886ad5601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
XiBrHonv1roR3_WRW6mdVe.RVESHU.Vg
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
HSNXZ0XQV1VCR6MB
age
18204
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SlotBodyEnd-importable.web.a975002dc589f54c11b9.js
fastly-restarts
1
x-amz-id-2
N7icuj6gfM0nvbZlHdTMbmaUIkMnFXlqsbHow09nQwt2vbKJhjS7ExB6NOZ5ssCX1BqS+DYwLw4=
x-served-by
cache-mia-kmia1760035-MIA
content-length
3913
last-modified
Tue, 19 Sep 2023 08:38:22 GMT
server
AmazonS3
x-timer
S1695131472.312328,VS0,VE0
etag
"a6be6f41e5fdeb65d24c73c6880af6c8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
71
atomIframe.web.f3d6966810585acba0d9.js
assets.guim.co.uk/assets/ 		845 B
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/atomIframe.web.f3d6966810585acba0d9.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03aa3433475597837b79c2071e0e62feb4f26348243d8c11900344dd94485d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
SWggGYF_822oVTdVfcIcLsP42W8ApKVp
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
P9SA4T7EYBF10AT7
age
354277
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/atomIframe.web.f3d6966810585acba0d9.js
fastly-restarts
1
x-amz-id-2
v5oRIJiD419HfoC6x/PlSgE4jYh4MwxbeYlO0PYp0dioD85YZjm6bYv5psY1JiIPh0VmD1czmaY=
x-served-by
cache-mia-kmia1760035-MIA
content-length
521
last-modified
Fri, 15 Sep 2023 11:24:27 GMT
server
AmazonS3
x-timer
S1695131472.312032,VS0,VE0
etag
"4f51cd2fd45fdef90056036737a2e24a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
75
embedIframe.web.6b5667964f6ac195afa4.js
assets.guim.co.uk/assets/ 		852 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/embedIframe.web.6b5667964f6ac195afa4.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50b78262406fae346439db7416ff61b416acb5ce0918a52f9722228b1a1c0a18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
EqxFW.G4ul3W_xVly5.zNBOrVM7peVhv
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
VY9KW2YRDXS8YDQ8
age
354176
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/embedIframe.web.6b5667964f6ac195afa4.js
fastly-restarts
1
x-amz-id-2
q4+xIpbLqxZ5abrCASriXLiRplnlvG9tAdUty0Bg4mNeY7LqJ+3tWVg67EsC2nex4v/+Tl5uCqM=
x-served-by
cache-mia-kmia1760035-MIA
content-length
527
last-modified
Fri, 15 Sep 2023 11:24:29 GMT
server
AmazonS3
x-timer
S1695131472.312024,VS0,VE0
etag
"d00fef05a72599b049378c1b024a5937"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
76
newsletterEmbedIframe.web.df291ddc615c3996f0ca.js
assets.guim.co.uk/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/newsletterEmbedIframe.web.df291ddc615c3996f0ca.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b12ab650ec539096d54fa61af36b4670820a02313cbfdbc0c8346d9bc2452b03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
0TuZCNSb4XJLdTUZF4jCiEkoV.q6K68n
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCDD6HW2DZFS8G79
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/newsletterEmbedIframe.web.df291ddc615c3996f0ca.js
fastly-restarts
1
x-amz-id-2
aZYxPad5XP1cohZ0EE+r7t2owelFyvDXXm3vT9/iEDsAQA8f9cNNBTYJm9jNzK8Cst40RYwhSgc=
x-served-by
cache-mia-kmia1760035-MIA
content-length
615
last-modified
Fri, 15 Sep 2023 11:24:22 GMT
server
AmazonS3
x-timer
S1695131472.312033,VS0,VE0
etag
"d1a9c594de43ef41327ecd030363b3f0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1207
relativeTime.web.cf9fe59605f83561b0f4.js
assets.guim.co.uk/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/relativeTime.web.cf9fe59605f83561b0f4.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
defc8fe3edfd40a35b5f216fce9c3e1c59f82dabd6a8443db205775dc8f51074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
vrVs7UMNkuMK8LpIZVbur6bVhAltC.gj
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD1KB5NDXWM6ZDY
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/relativeTime.web.cf9fe59605f83561b0f4.js
fastly-restarts
1
x-amz-id-2
sx8JLb+9aojFOOXJsb5ogVag7Qbux3kyp36ViauzOE7UAwsvS4IJtEmEUA6JsHHGpXL+KPISp/E=
x-served-by
cache-mia-kmia1760035-MIA
content-length
975
last-modified
Fri, 15 Sep 2023 11:24:23 GMT
server
AmazonS3
x-timer
S1695131472.311996,VS0,VE0
etag
"0aac1b3d87883f00f23c85c1b6d662e0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1211
discussion.web.11ce6e91b8361aa6e7c1.js
assets.guim.co.uk/assets/ 		564 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/discussion.web.11ce6e91b8361aa6e7c1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ddeab5a7111c718bd424febd360830eac1f8ae94bed13f6e5983a96ceb39a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
FSoJ2vXKsKsoE7psKmkDcU3CxsEOJJl1
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD7DFGD6MNXKWVQ
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/discussion.web.11ce6e91b8361aa6e7c1.js
fastly-restarts
1
x-amz-id-2
Ss5w9EP1Dp7vqEA9hjnzLqVI8fRgjKDZ4Yl5+zLVo1wQNb9SqDr7tXwOVxBNnUr1thdFbo44Rcc=
x-served-by
cache-mia-kmia1760035-MIA
content-length
406
last-modified
Fri, 15 Sep 2023 11:24:29 GMT
server
AmazonS3
x-timer
S1695131472.312027,VS0,VE0
etag
"d8147dc7498a2b22d99e75acdb94e398"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1211
1
ophan.theguardian.com/img/ 		0
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/1?v=16&platform=next-gen&url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&ref=&visibilityState=visible&tz=600&contentType=article&viewId=lmqdieuj73kwojnmctlp
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:12 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&inPrivateBrowsingMode=false
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:12 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
wrapperMessagingWithoutDetection.js
sourcepoint.theguardian.com/unified/ 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fb6931a8318b7efa7655ff7af82d1dc9293c5661614183fc7ad7c9e4a95c8ba
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:12 GMT
content-encoding
gzip
via
1.1 7e1e27db89c10c5d284149b3df2ae272.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
ATL59-P5
age
1778
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-mia-kmia1760035-MIA
last-modified
Thu, 14 Sep 2023 19:19:55 GMT
server
AmazonS3
x-timer
S1695131472.317908,VS0,VE22
etag
W/"39aed5892e136ad90409a5b53f4dd1fd"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
vH6sf7NyezKDJ4KO3O1x-PFwflzrY-nNkwrpXwMdVW5gRIpcy-adQQ==
x-cache-hits
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&experiences=dotcom-rendering
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:12 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&edition=US
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:12 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&abTestRegister=%7B%22abophanEsmControl%22%3A%7B%22variantName%22%3A%22control%22%2C%22complete%22%3Afalse%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:12 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
FocusStyles-importable.web.6044b1fc177ded0d0ddd.js
assets.guim.co.uk/assets/ 		1 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/FocusStyles-importable.web.6044b1fc177ded0d0ddd.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18fb19c3d2ae0a120b44e037764226d279b209474bde953aacee461cfe8bfb95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
xJMZLw4_BFbn.BWkIwq44NsigqqX69ZU
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD3Q8H36Y065HVB
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/FocusStyles-importable.web.6044b1fc177ded0d0ddd.js
fastly-restarts
1
x-amz-id-2
YYhjunSlxmd8Cchoj0sS/EdNTLN8nD2ijcJfzGEflWQd1VDPfsMRHdV+NJcDdG9AX0+4tXzlbUY=
x-served-by
cache-mia-kmia1760035-MIA
content-length
508
last-modified
Fri, 15 Sep 2023 11:24:25 GMT
server
AmazonS3
x-timer
S1695131472.326012,VS0,VE0
etag
"7bae6870ee4ca6027d14482a8535652e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1202
AlreadyVisited-importable.web.1b3f9ac726c64a80b994.js
assets.guim.co.uk/assets/ 		607 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/AlreadyVisited-importable.web.1b3f9ac726c64a80b994.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c91c7be8598e4210598593943d3482dcc8404c79a7c568b12fe3b781de1a757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
XHXP48A4apbB8VGtrb6mHzOCFChSK6Jn
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD18NMQBPN5JH5T
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/AlreadyVisited-importable.web.1b3f9ac726c64a80b994.js
fastly-restarts
1
x-amz-id-2
ln5TjWR1BXTTjrTO+V0Xrjr2g7I2BT9LpSUz2iideC8U8hER5v8ZxTTimd7lcZ/DhtR+r96YSpo=
x-served-by
cache-mia-kmia1760035-MIA
content-length
414
last-modified
Fri, 15 Sep 2023 11:24:26 GMT
server
AmazonS3
x-timer
S1695131472.326235,VS0,VE0
etag
"1ec7ba2a684a6ca1cd78e843be89d34b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1205
Metrics-importable.web.4e25a32f3cc6cfb7797e.js
assets.guim.co.uk/assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/Metrics-importable.web.4e25a32f3cc6cfb7797e.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dea49774fb0589245db2c4249c9ff8905cbd49ad633dd102a1de7ffbf4a20eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
CafUstPNyry43BiJb92QtcQMvNStghQr
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCDE0SQKRFY0N1Y6
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/Metrics-importable.web.4e25a32f3cc6cfb7797e.js
fastly-restarts
1
x-amz-id-2
i5nzBH0rDghOijJnFO/6Rx98pukse35E0azBIbxUrDERUhEJ+cYcp/M6a/7wjk6ScGgkmsbehAw=
x-served-by
cache-mia-kmia1760035-MIA
content-length
2549
last-modified
Fri, 15 Sep 2023 11:24:29 GMT
server
AmazonS3
x-timer
S1695131472.326747,VS0,VE0
etag
"ffae256e70f9364c3126aff38a0d6220"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1213
BrazeMessaging-importable.web.0a10e33c89c2b47e80f8.js
assets.guim.co.uk/assets/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/BrazeMessaging-importable.web.0a10e33c89c2b47e80f8.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b76fb31899af3edcd5b1525657ac4afe56cbfb819b62981e95cbfa4cbe4c1757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
qWJljugpxgO4paqtU3oGHsGGicl6P8Bs
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PE2E744RCWEJRWE7
age
354248
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/BrazeMessaging-importable.web.0a10e33c89c2b47e80f8.js
fastly-restarts
1
x-amz-id-2
MeRM2NKEP2FHZkzyjrQgLjVnDB3QLYlKCZOLOOyV4fMzw+5QoCfIBo8C/gvwJDASNSBPuNlbL6g=
x-served-by
cache-mia-kmia1760035-MIA
content-length
5474
last-modified
Fri, 15 Sep 2023 11:24:29 GMT
server
AmazonS3
x-timer
S1695131472.327023,VS0,VE0
etag
"4c10cd4340e6ee4089b5335b3415a5c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
76
ReaderRevenueDev-importable.web.e05367e211e63590bf76.js
assets.guim.co.uk/assets/ 		778 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/ReaderRevenueDev-importable.web.e05367e211e63590bf76.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f35149ca7325ec9a5ea602b86ccca6d8f27257b83e33137785699a6a2170a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
W2Er8ocBu7L3VHmhuS9K3Xvf8ByQ1k6L
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
8RVNDA877AP1EXM8
age
354284
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/ReaderRevenueDev-importable.web.e05367e211e63590bf76.js
fastly-restarts
1
x-amz-id-2
6SbRc7PU3Ccv2dgevE5iaCNl3SD27GXSQ+UkcXSxtiGlZ0IRAg7GqNP+A4FzjrmxNGluchuIOEw=
x-served-by
cache-mia-kmia1760035-MIA
content-length
462
last-modified
Fri, 15 Sep 2023 11:24:27 GMT
server
AmazonS3
x-timer
S1695131472.327410,VS0,VE0
etag
"ac910dcf44038bdc0a02cbda2ad99d6f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
76
1149.web.8a408e12210160e8774c.js
assets.guim.co.uk/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/1149.web.8a408e12210160e8774c.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49b5b459886b2f82939da5f23b8019b6feccf903246b66ebfa0173de7b3ec167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
_X70ntc9LG1mP76VwJ758hBPKAVuNZw4
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD3BR9MZBFTRP9P
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/1149.web.8a408e12210160e8774c.js
fastly-restarts
1
x-amz-id-2
HKqvnvQ3KAlNsGcuZWCQayY06qE9ANASyhYYZGxEafq3KwsH4r9yVF6OI6PSfoycl9SnGH+zwc0=
x-served-by
cache-mia-kmia1760035-MIA
content-length
2919
last-modified
Fri, 15 Sep 2023 11:24:20 GMT
server
AmazonS3
x-timer
S1695131472.328198,VS0,VE0
etag
"0b00c8df4187a193cf4fd5c78f61945a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1177
SupportTheG-importable.web.ec36283343a27479ee29.js
assets.guim.co.uk/assets/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SupportTheG-importable.web.ec36283343a27479ee29.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e8ced7016614b088dd56ac7f22783fb056ddceec9870c54ac6790a207d2cf5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
C7_2F.VDeoKGvGVZu69iN7jJoykHiCVb
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCD47WG3V2EX2DPH
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SupportTheG-importable.web.ec36283343a27479ee29.js
fastly-restarts
1
x-amz-id-2
CRDf134G1Y0ytko38aU/YhURjwOiEe4g04bjKKtIm+/xWe73NtYKiSjvriE20hsVf+ZoykhrlpQ=
x-served-by
cache-mia-kmia1760035-MIA
content-length
5005
last-modified
Fri, 15 Sep 2023 11:24:25 GMT
server
AmazonS3
x-timer
S1695131472.328925,VS0,VE0
etag
"13b59700d877bf133d7391d990e16390"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1172
SubNav-importable.web.4654ce3003d5a6ebf429.js
assets.guim.co.uk/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SubNav-importable.web.4654ce3003d5a6ebf429.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76e82444ee7b7f4cdb120917038977e523b4ac49870ad24736835e44e5a2ac6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
WqvkEMLc6yVHtETgUn97zXnprfPmLLYp
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
18C2MWC6JDEVKNVX
age
354131
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SubNav-importable.web.4654ce3003d5a6ebf429.js
fastly-restarts
1
x-amz-id-2
07MNPadD7AxjUBIGGIaITX5fuCaqmPEMYL0u+aLFVYM8qEzSRw5vK0iTwdTtthRjNNq+A9v396A=
x-served-by
cache-mia-kmia1760035-MIA
content-length
2361
last-modified
Fri, 15 Sep 2023 11:24:25 GMT
server
AmazonS3
x-timer
S1695131472.329328,VS0,VE0
etag
"831f50093d51a9b40c624e6e40691a7f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1163
8268.web.9f82c309d7ecc0ffc426.js
assets.guim.co.uk/assets/ 		39 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/8268.web.9f82c309d7ecc0ffc426.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91cfd74fe60df14c0c2d2a3819f4fb78d2560f378f5f0fa3fc9bf8ae825228a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
0mXF3BofssrqllRk0viJekOAYC3KTJzQ
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCDDRBVMM2XYKPKK
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/8268.web.9f82c309d7ecc0ffc426.js
fastly-restarts
1
x-amz-id-2
/MXNjqQSW6DTuY9vuno7xVGV03N5B+113MRp3kGxBbZwu3YWWmOsJ2S13taIJx7bscJbLj0pD2I=
x-served-by
cache-mia-kmia1760035-MIA
content-length
5823
last-modified
Fri, 15 Sep 2023 11:24:30 GMT
server
AmazonS3
x-timer
S1695131472.329706,VS0,VE0
etag
"dc45a78f1d3f3390b916655f11831929"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1085
4593.web.9e180340ee7aca8309ee.js
assets.guim.co.uk/assets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/4593.web.9e180340ee7aca8309ee.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8c0e2744f5bdf9bfc87aba237434171658aa57bcc8b84a69f4b4d5277796bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
AsyX8IpwQfQvrGILrAZ2zEmNPJEhBYJL
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCDD4ENRTPMKGCYJ
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/4593.web.9e180340ee7aca8309ee.js
fastly-restarts
1
x-amz-id-2
sZIXI5Ss6EQwH431dsjc/5HoiztS7z9dTZ8Z86t20Bq42CMS9+MLuW35Okw72/92Fhq+Wpcynp0=
x-served-by
cache-mia-kmia1760035-MIA
content-length
1678
last-modified
Fri, 15 Sep 2023 11:24:21 GMT
server
AmazonS3
x-timer
S1695131472.329687,VS0,VE0
etag
"7e33f22e29185102a9e1536e4f8b60b9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
914
RichLinkComponent-importable.web.653dea8f111c99fa7092.js
assets.guim.co.uk/assets/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/RichLinkComponent-importable.web.653dea8f111c99fa7092.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e412cde204a9f444be1f0f57c9ede67c4069ef3fa637f874b1f601d574023d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
6F9ee05GhFGwbz9SuUYZWP9pCeVvYl9m
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
EJ3QFNZH4C1E27R5
age
353776
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/RichLinkComponent-importable.web.653dea8f111c99fa7092.js
fastly-restarts
1
x-amz-id-2
NL40H140bl/dmgFCiGnu6FXnrb147UF2+dxyt+hdS9Efj88cls72jZmoUuxuhV7tSvAsn6M5Y9A=
x-served-by
cache-mia-kmia1760035-MIA
content-length
5919
last-modified
Fri, 15 Sep 2023 11:24:29 GMT
server
AmazonS3
x-timer
S1695131472.329673,VS0,VE0
etag
"44f9f2cd173892bfe91830b6089c264c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
705
StickyBottomBanner-importable.web.f8fac2fe5dc5c64290f2.js
assets.guim.co.uk/assets/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/StickyBottomBanner-importable.web.f8fac2fe5dc5c64290f2.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0222247e0db48c16afb7eeca10087c088a21fb5d8483710edfb90415f1ae68d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
8tluYj9nkgTL4WmVAKDkTDknrzS.sj2v
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:12 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PCDD0WARRCNHFMA2
age
354160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/StickyBottomBanner-importable.web.f8fac2fe5dc5c64290f2.js
fastly-restarts
1
x-amz-id-2
/VmjZuYEsOh9huQR2a+eWsZJNFND9YAGhLcu8jeC+WldxxE+gWW9psR74P66mHDDwT6V1OY0S3w=
x-served-by
cache-mia-kmia1760035-MIA
content-length
4577
last-modified
Fri, 15 Sep 2023 11:24:24 GMT
server
AmazonS3
x-timer
S1695131472.329673,VS0,VE0
etag
"af48f72d9327837202ec09d8c7c95f54"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1208
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&attentionMs=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:12 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&abTestRegister=%7B%22SignInGateCopyTestRepeatSept2023%22%3A%7B%22variantName%22%3A%22quick-and-easy%22%2C%22complete%22%3Afalse%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:13 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
3549.web.d5e6a64c5032c82ed23d.js
assets.guim.co.uk/assets/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/3549.web.d5e6a64c5032c82ed23d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43ed4048ef542bd40450cd70e840beca7fcadf4530652e4692ff01b0b3d23f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
_ARQL6k7QcFm8kdQ0fxpfsXHv8Ae8sw8
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:13 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
VY24Z0RX4JFP4BTD
age
2327782
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/3549.web.d5e6a64c5032c82ed23d.js
fastly-restarts
1
x-amz-id-2
9IiMSkgv3cPovSCgHLIsYIV4Zqg1ORuTi4pufj1iFnm8NUvHI302t5krmFw2rkZeULWtuZccWw8=
x-served-by
cache-mia-kmia1760035-MIA
content-length
21321
last-modified
Wed, 23 Aug 2023 14:43:37 GMT
server
AmazonS3
x-timer
S1695131474.659619,VS0,VE0
etag
"75899195a47c56fae95b5f778502dde2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
76
4306.web.ef503f73b9bcc28a904e.js
assets.guim.co.uk/assets/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/4306.web.ef503f73b9bcc28a904e.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b4b1328e950b999005ee53309cd1fc663e70b7d36c2821112e101a4d710e31e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
ggBaCBqI4sungA8V_z2WLd1p_4i4HNYc
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:13 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
7W7FWQ2T6A98E9BC
age
354241
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/4306.web.ef503f73b9bcc28a904e.js
fastly-restarts
1
x-amz-id-2
KuP0WX/V3MgbdZUW2vmC3gqqhAUTYb7n703yoq2WaIW3hwNRKwJ9bVUBqb6uZ5VUm7RbB5PB4co=
x-served-by
cache-mia-kmia1760035-MIA
content-length
6392
last-modified
Fri, 15 Sep 2023 11:24:20 GMT
server
AmazonS3
x-timer
S1695131474.659788,VS0,VE0
etag
"8118a835224095e54895b050e54d6a1f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
76
5210.web.4da2c28e893391b6984f.js
assets.guim.co.uk/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/5210.web.4da2c28e893391b6984f.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3965fc97570f16c3657e41fb39fe92914939f4716dea6a287ebc9e87301a561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
YsjQEe4EqZ4ZSc8cSasX4Xfe.BDSIyzT
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:13 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
B7TSC2F4AGFRJJFJ
age
354247
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/5210.web.4da2c28e893391b6984f.js
fastly-restarts
1
x-amz-id-2
EYU1pp53o61oLRtcyecK4MyS8SJP8Vd1XN89lXIKiFyc2BmAE5t/GFBcboDz807KBbqbBro413k=
x-served-by
cache-mia-kmia1760035-MIA
content-length
940
last-modified
Fri, 15 Sep 2023 11:24:24 GMT
server
AmazonS3
x-timer
S1695131474.659822,VS0,VE0
etag
"b89178cab65601aac5eb216d3e07dcd7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
66
8085.web.49622c46b177a8386233.js
assets.guim.co.uk/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/8085.web.49622c46b177a8386233.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f6b2b62d2f6d7d86be696b424b6d11d1af29308d934371f9697a8659f27898c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
g7m09P2HNofAztPhk30p9ehp5Vk3YKW4
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:14 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
PKX05HWXPQH7Z3C4
age
1048846
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/8085.web.49622c46b177a8386233.js
fastly-restarts
1
x-amz-id-2
UMbW+yR2sepEonLhv3sNSC4CoqoYA+ut2+yyz3MJY6YRIFggd7JWyz9tXoVAGpdviyha8dXYiS4=
x-served-by
cache-mia-kmia1760035-MIA
content-length
2594
last-modified
Thu, 07 Sep 2023 10:22:04 GMT
server
AmazonS3
x-timer
S1695131475.593433,VS0,VE0
etag
"a0d918c4e1d1911813ff92e09ca294f7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
70
ro-khanna-joe-biden-impeachment-inquiry-kevin-mccarthy-fox-news-sunday.json
api.nextgen.guardianapps.co.uk/embed/card/us-news/2023/sep/18/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/embed/card/us-news/2023/sep/18/ro-khanna-joe-biden-impeachment-inquiry-kevin-mccarthy-fox-news-sunday.json?dcr=true
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3101c4fdfc11ba415276c882c1a8c730038de60ce66a48467e79c69fb379259c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
onward
x-cache
HIT, HIT
content-length
827
x-served-by
cache-lcy-eglc8600060-LCY, cache-mia-kmia1760047-MIA
server
nginx
x-timer
S1695131475.906336,VS0,VE1
x-gu-geolocation
country:US
etag
W/"hash-7895021657159651282"
x-gu-frontend-git-commit-id
6359c5eeda42e9ef0a611807208650df409229a6
vary
Accept-Encoding,X-GU-Experiment-0perc-D,Origin,Accept
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=900, stale-while-revalidate=90, stale-if-error=864000, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-gu-depends-on-experiments
europe-network-front
x-cache-hits
16, 1
4240.jpg
i.guim.co.uk/img/media/96ff3a9087fe16b90c19288b77ef28c588af43af/0_166_4240_2544/master/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/96ff3a9087fe16b90c19288b77ef28c588af43af/0_166_4240_2544/master/4240.jpg?width=460&quality=85&auto=format&fit=max&s=bad96ee75aeec4230f0cfede405478ae
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63ee51a661e8ea8de4e6b8c57459de36ef92be6892fb6ae549da3c8219311924

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:14 GMT
via
1.1 varnish, 1.1 varnish
age
151157
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=2110110 idim=4240x2544 ifmt=jpeg ofsz=10866 odim=460x276 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
166
content-length
10866
x-served-by
cache-lcy-eglc8600058-LCY, cache-mia-kmia1760035-MIA
server
AmazonS3
x-timer
S1695131475.937047,VS0,VE1
etag
"MedKxz9yV4JGJzXARFml4/N7SyATOXSoXYJTxix66J0"
x-amz-meta-bounds-height
2544
x-amz-meta-bounds-width
4240
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
12, 1
ccpa.9150e6676be078733cd5.bundle.js
sourcepoint.theguardian.com/unified/4.13.2/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/4.13.2/ccpa.9150e6676be078733cd5.bundle.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d96a415933700f3aa03e86b13fafae24fa8b0e7d563882c460490826372d2b7b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
gzip
via
1.1 625c4f82af400e1a9c2ad531a61fed36.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
ATL59-P5
age
412211
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-mia-kmia1760035-MIA
last-modified
Thu, 14 Sep 2023 14:28:06 GMT
server
AmazonS3
x-timer
S1695131475.216588,VS0,VE14
etag
W/"0ed57f1d98b89cea027396ec9755c52c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
EF2VDlUzS-09_Z9qlmxdsR0LcFzjOa_O9W8r_vEW26MHkYOIRZVbEw==
x-cache-hits
0
get_site_data
sourcepoint.theguardian.com/mms/v2/ 		207 B
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&account_id=1257
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
11c18a946d974537076fea01010eb8c57b94c8e17727ef817b89e69c40ec999c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
via
1.1 ee241db87cad16c230c7108bb527de30.cloudfront.net (CloudFront), 1.1 varnish
x-sp-mms-node
ip-10-128-16-101
strict-transport-security
max-age=300
x-amz-cf-pop
ATL59-P5
age
82115
x-cache
Hit from cloudfront, MISS
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131475.217856,VS0,VE14
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
5c5XiVEctJHF_xP8ElZNtvzrxNzdbvnqB_DeH61KEEdlM1zkVtnhxQ==
x-cache-hits
0
meta-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.13.2&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
66602
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 19 Sep 2023 13:51:15 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 ee241db87cad16c230c7108bb527de30.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
nXOtd4aTrZBvEMhwzrjTRmDY2u5ygPQ-TpwnY48mAXqIMwoqEAYQIA==
x-amz-cf-pop
ATL59-P5
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131475.262809,VS0,VE14
meta-data
sourcepoint.theguardian.com/wrapper/v2/ 		73 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.13.2&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
d9aff7f7c51e775eba06add07b71db1d8d6640660ea2b59a2db82c4b48fa4e8a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
via
1.1 ee241db87cad16c230c7108bb527de30.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
ATL59-P5
age
1411
x-powered-by
Express
x-cache
Hit from cloudfront, MISS
content-length
73
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131475.304963,VS0,VE14
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
4epGOrAS_K7pYXmwFSaVTOwbqExvnWMOr-HNKoaXjsawVVen-HHhTw==
x-cache-hits
0
messages
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22framework%22%3A%22ccpa%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.13.2&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
79517
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 19 Sep 2023 13:51:15 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 57e6ef65d699199d9881c4002445b1b2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
IMZWq-YIWXzR0X_NdogtwN-HQWcFJuuoyb8hBNv7OLpHJn3p8YvHdQ==
x-amz-cf-pop
ATL59-P5
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131475.349080,VS0,VE21
messages
sourcepoint.theguardian.com/wrapper/v2/ 		20 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22framework%22%3A%22ccpa%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.13.2&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
cdddb0c87ad1213bc74fd01ee854993d1b70de00c9176153c7919232be801b2d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
gzip
via
1.1 3e445414cb8134bf4b609fdcfe022fcc.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
ATL59-P5
x-powered-by
Express
x-cache
Miss from cloudfront, MISS
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131475.397439,VS0,VE53
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
_0e4f68gT8Qn5Lnw5lN5SO2TqgeF6BQ7lNmHgoyUfEDVMvY9IxcjxA==
x-cache-hits
0
header
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:15 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131475.416594,VS0,VE118
header
contributions.guardianapis.com/ 		915 B
1023 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
70afbebc74da63aa716bff829b746e1d490df704bd19c14aef7bcc1c103a2a33

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-mia-kmia1760028-MIA
date
Tue, 19 Sep 2023 13:51:15 GMT
via
1.1 varnish
x-timer
S1695131476.577669,VS0,VE115
x-powered-by
Express
etag
W/"393-BoesEsagEwtMkrwhuqiYOKulbfo"
vary
Origin, Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
accept-ranges
bytes
content-length
915
x-cache-hits
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&performance=%7B%22dns%22%3A6%2C%22connection%22%3A101%2C%22firstByte%22%3A161%2C%22lastByte%22%3A148%2C%22domContentLoadedEvent%22%3A272%2C%22loadEvent%22%3A3019%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D&renderedComponents=%5B%22nav3%22%2C%22nav2%22%2C%22sub-nav%22%2C%22section%22%2C%22meta-byline%22%2C%22rich-link%22%2C%22footer%22%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&performance=%7B%22dns%22%3A6%2C%22connection%22%3A101%2C%22firstByte%22%3A161%2C%22lastByte%22%3A148%2C%22domContentLoadedEvent%22%3A272%2C%22loadEvent%22%3A3019%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
pv-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.13.2&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.theguardian.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:15 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 ee241db87cad16c230c7108bb527de30.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
PX5RUOFQkIuBfZLOp9_dfRC36RR5S6QJwGQST_1TTa9WOr48HLEcDw==
x-amz-cf-pop
ATL59-P5
x-cache
Miss from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131476.561600,VS0,VE34
banner
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:15 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131476.581728,VS0,VE119
epic
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/epic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:16 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131476.583326,VS0,VE471
pv-data
sourcepoint.theguardian.com/wrapper/v2/ 		190 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.13.2&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
f747585e37ced141e9a42844f195a228d0ffd8867939b87352a8503d07852af3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
via
1.1 57e6ef65d699199d9881c4002445b1b2.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
ATL59-P5
x-powered-by
Express
x-cache
Miss from cloudfront, MISS
content-length
190
x-served-by
cache-mia-kmia1760028-MIA
x-timer
S1695131476.622820,VS0,VE42
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
0ksYRNsAho6yCGXXy00_YH6StaANanyDe_qKil5Cuf6BO85_4fG3SA==
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 12:05:40 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6335
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 19 Sep 2023 14:05:40 GMT
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22CONSENT%22%2C%22products%22%3A%5B%5D%2C%22labels%22%3A%5B%2201%3ACCPA%22%2C%2204%3A%22%2C%2205%3Afalse%22%5D%7D%2C%22action%22%3A%22MANAGE_CONSENT%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
config.js
cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/ 		402 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10b2a4f1ab0fe7f1c0170ec82bab62e286edb4fda40ad665b865a2f05853c93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Sep 2023 13:03:39 GMT
server
cloudflare
x-amz-request-id
ZM78MM3THVEPVYDQ
age
670
etag
W/"77a4f72ecb5b3fd9f009fa9fbf645686"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
80924d6afdd667e1-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
a5aIMKklAZISLUPAsK0LCJUlDzouu7vY7Ne3QJ3uh1DcbjXSDqbIunYW9WDIHq/p8I4WvrMlBLE=
graun.209.commercial.js
assets.guim.co.uk/javascripts/commercial/8bdb0ec5318a8e764791/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/8bdb0ec5318a8e764791/graun.209.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52bb0178333e9d445ec5d4e0bae687452510bc8ade17396621fd0805a0d00f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
wz3rr1988cJ9PXTit90r1Ji05hAalC0W
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:15 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
6Q6WPDPR2X7P3KSS
age
2234683
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/8bdb0ec5318a8e764791/graun.209.commercial.js
fastly-restarts
1
x-amz-id-2
M6n9vNrYG9L7HSYdJpiCaExiRTkLJ6FC5lI1ra8Zj1h86kYOWiWRThdqE6PJZBlquptSyoGkruRZbk+dhokI7w==
x-served-by
cache-mia-kmia1760035-MIA
content-length
6902
last-modified
Thu, 24 Aug 2023 17:00:01 GMT
server
AmazonS3
x-timer
S1695131476.575660,VS0,VE0
etag
"defbdb9cffd899c32ea49ce600f92928"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
639
graun.803.commercial.js
assets.guim.co.uk/javascripts/commercial/a3c39cd406789adcf1a9/ 		689 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/a3c39cd406789adcf1a9/graun.803.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d166f50f0e089ce80daa06bf17a3c7f42aba171d9248f69c23cc73d2a5f9fa21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
TbcW2LG1pcXcaV3oIdDRexejJohp793A
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:15 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
WXPEK9XGBA314FA8
age
2234098
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/a3c39cd406789adcf1a9/graun.803.commercial.js
fastly-restarts
1
x-amz-id-2
oV7sCjOWl7MOxZ6iOtghaKcFwOim81n/Grk4fZ6m+i1aLL8Z5yv0zfBIYIH0OpChaNBc5Hv6Qoo=
x-served-by
cache-mia-kmia1760035-MIA
content-length
408
last-modified
Thu, 24 Aug 2023 17:00:01 GMT
server
AmazonS3
x-timer
S1695131476.576164,VS0,VE0
etag
"47b18372c5b997b9f4705ae64cf3ab88"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
633
graun.Prebid.js.commercial.js
assets.guim.co.uk/javascripts/commercial/ad3744977286899089e7/ 		364 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/ad3744977286899089e7/graun.Prebid.js.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f88fa8a4daaaa1d0d95939b010285406f075e50e9e53bc8b613d3afbf12f4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
QVjhvAoTeHgHP1SE8lRvyhSH8BPD5VVp
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:15 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
67MRX01457M9DN4W
age
2234951
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/ad3744977286899089e7/graun.Prebid.js.commercial.js
fastly-restarts
1
x-amz-id-2
SLMBX0zo6S5qvcwM+Vtx8irPN9Or3doyDDO02S11FFm1bg37KstEwdcuDUQzJjCRBQwZqCU8tL8=
x-served-by
cache-mia-kmia1760035-MIA
content-length
123282
last-modified
Thu, 24 Aug 2023 17:00:01 GMT
server
AmazonS3
x-timer
S1695131476.578825,VS0,VE0
etag
"a9f0893c1e457380d8097224a35636fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
588
apstag.js
c.amazon-adsystem.com/aax2/ 		249 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28a07ea9153aaa450bfa669a2fdac73af62cdbaf8ce6707818c83d3bffcbacd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:42:43 GMT
content-encoding
gzip
via
1.1 51391527dd8c879c45b44b119905c872.cloudfront.net (CloudFront), 1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 19:03:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-C1
age
513
x-amz-server-side-encryption
AES256
etag
W/"dbe99cd7da3b62fd2eb4471b4e2a636c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
fHYjKdPn0ZwC3tFOaAK-Ux4mW_dx_Tsoap1zHNcu654iM-pOO92ZIg==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol
H2
Server
3.163.80.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-163-80-98.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 04:38:12 GMT
content-encoding
gzip
via
1.1 538cf444f0c6dac6454a3baf06f65b9e.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P7
age
68036
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
c_70_6fdKD8w0Ektr2NfpozS97j1YQt31nRC3sgscSM5ET6TvvSl-g==

Redirect headers

date
Tue, 19 Sep 2023 13:51:15 GMT
via
1.1 538cf444f0c6dac6454a3baf06f65b9e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ATL58-P7
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
rfj_tKTLZPImGO7b0VP__rrtJnhgPNcDRspHBPA3fxCjxzeXkwyIQQ==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.52 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-52.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
WJEDCJAMYFX0DKBP
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
+WLXm765EafePmzD41JmckJNSf8+rnk5LSpslcbTTBWmtplZuYOVJbefQzUQhQpof7YyjMv4MD8=
banner
contributions.guardianapis.com/ 		2 B
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-mia-kmia1760028-MIA
date
Tue, 19 Sep 2023 13:51:15 GMT
via
1.1 varnish
x-timer
S1695131476.728117,VS0,VE121
x-powered-by
Express
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
accept-ranges
bytes
content-length
2
x-cache-hits
0
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:08:41 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100059-IAD
epic
contributions.guardianapis.com/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/epic
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
0d6ae83e363b308bd8ebf49f4c9cca45c2427ff66c5654250057608f2ecb2685

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-mia-kmia1760028-MIA
date
Tue, 19 Sep 2023 13:51:16 GMT
content-encoding
gzip
via
1.1 varnish
x-timer
S1695131476.082402,VS0,VE120
x-powered-by
Express
etag
W/"1a82-KFSIkgMUABV0aqiqrH1LYf+2CTI"
vary
Origin, Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
accept-ranges
bytes
x-cache-hits
0
conversion_async.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
2b8dcd580431e83a1410be6d8ec49e93174361927b51d1109d7853177d373cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16601
x-xss-protection
0
server
cafe
etag
5453248522706735906
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:51:15 GMT
d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
cdn.permutive.com/ 		1 MB
349 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f910961fa58b3ee012d64d32411315b26c2d6420f1a08ff59fc390dfbadcd6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08
age
0
x-guploader-uploadid
ADPycdtrzue2_w8XF7Ky3ubn27l-6X3nXV5EZooxjXddujF8w26ex2o7Hh0F5ARGStBqHEOpENVqf4VqAQc4OW0-hDYMDA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 14 Sep 2023 15:38:41 GMT
server
cloudflare
etag
W/"2df4211040d440cb29455c3ee5b9c798"
vary
Accept-Encoding
x-goog-generation
1694705921019997
content-type
application/javascript
x-goog-hash
crc32c=pX0hMg==, md5=LfQhEEDUQMspRVw+5bnHmA==
cache-control
public, max-age=900
x-goog-stored-content-length
366457
timing-allow-origin
*
cf-ray
80924d6ae9add9f9-MIA
expires
Tue, 19 Sep 2023 14:06:15 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-68.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 07:07:13 GMT
Content-Encoding
gzip
Via
1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
YUL62-P2
Age
456244
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
WiJUzgIpSrYvI2xJvhRIt6UDOpJUUjDO6fe578Knr_SRq29XTUIoLA==
e96d04c832084488a841a06b49b8fb2d.js
cdn.brandmetrics.com/survey/script/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d07b71f9ef005dae93973faa7d665a90e18362b22f11046cb18fdd440563a37

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 19 Sep 2023 13:36:06 GMT
server
cloudflare
age
909
cf-polished
origSize=5455
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kC6iCyrIhMizzTjsKFYXIZmpdVNxT8Flv%2BKRrQjnRelqUhHE5D9XPU78S3Aqz8vOYmNRI0No4BCunVUAglqXaXfWavT33H23E5jvO3NETLxy3mAmx5zS3uUwhH0VKcH8cfWcqAg1d67hSK6IvNXUBRqk"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80924d6b08c9498c-MIA
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
index.html
sourcepoint.theguardian.com/ Frame 326B 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=1eaed99e-37c4-4cdb-89ae-ce214c1b2c5c&preload_message=true&hasCsp=true&version=v1
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c6b4b6276b4e6e07bf32da003558fa9b4f95ba2c262f0b0e5210abbcc3667ff
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2651
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Tue, 19 Sep 2023 13:51:15 GMT
etag
W/"264c2199b3e77b2be134e5c8f7f47c74"
last-modified
Thu, 14 Sep 2023 14:04:52 GMT
server
AmazonS3
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 9768d3869cd25955b086c1904f7610fe.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
cvNFbFNeLLDmPOP-nMZr1DjkH_RnSAutjnjEf56bPIwGeCI5l4-Y0g==
x-amz-cf-pop
ATL59-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760035-MIA
x-timer
S1695131476.590681,VS0,VE14
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92c00fa671721bfecf79e6c7accb84612cf6919e84f4ba98a9bb36e8d76ae82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29417
x-xss-protection
0
server
cafe
etag
536 / 19619 / m202309140101 / config-hash: 16551161024270559891
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:51:15 GMT
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&adUnitWasHidden=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
Header.js
contributions.guardianapis.com/modules/v3/headers/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/modules/v3/headers/Header.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36b91f0d696768070d10721d141b95d6bd30e1b685847c1c131e3066593983b1

Request headers

Referer
https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
e770JCtq_ngeVn2hEbopWQAF2BT3Sx82
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:15 GMT
x-amz-request-id
DMRWAWZG49NB4T4P
age
154
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-surrogate-control
max-age=300
content-length
29151
x-amz-id-2
cj7qQtLNSQWmGbTJfsVj04tbeYdxoD2eg84G3A5PdMLpS1eLTu4rVcmqHFHE8VxSNKOE3SHS0Ic=
x-served-by
cache-mia-kmia1760028-MIA
last-modified
Thu, 14 Sep 2023 08:34:49 GMT
server
AmazonS3
x-timer
S1695131476.722965,VS0,VE0
etag
"ac23f15f8df3a65d94e567b545026696"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
3
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663254dd2b17ab293e8c255113e86eae48e9fb9dc0035cede9ab3ce3927bcb76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 19 Sep 2023 13:36:06 GMT
server
cloudflare
age
909
cf-polished
origSize=54256
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzWtPxJP5t0U%2FFD2dKjvTGlWJPjXjhh5ZUV1vnIq0sqTZ5zXQeWRnG3KlL8KLSef5y7iHicMeYVKgx1KbaLywTEoBVPSQSIQ09FKVOEFXDvZnAb1Oai2SKRcFk3te2oxIDNVPyALByhciHl3F0op%2FY4F"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80924d6b799f498c-MIA
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202309181129/ 		259 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202309181129/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49306570f3ccfefb7f7ffabad66f48bc2a1dd58cb4dfd77572b40d267d0a4e6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 15:32:08 GMT
server
cloudflare
x-amz-request-id
7PMKRHSCHQAXX6H9
age
74512
etag
W/"7d9af78eddfd41e6ce61b68d1da3f64d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
80924d6bbf9567e1-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2CKUBnkB/QAYY7cv1gX4Mi5kd5CQV0bBdOtMnGzXr3WlaalN7nASAwkJh3HeZIrN5OQmhjm6VvY=
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/?random=1695131475799&cv=9&fst=1695131475799&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tiba=Hunter%20Biden%20sues%20IRS%20for%20breaching%20his%20privacy%20rights%20over%20tax%20affairs%20%7C%20Hunter%20Biden%20%7C%20The%20Guardian&hn=www.googleadservices.com&us_privacy=1YNN&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf615323029fe803821bb5bdae6b76321cadaa76cc40f8ce17c41c4f0fff43d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1455
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.js
collector.brandmetrics.com/ 		0
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com&rnd=3120563
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date
Tue, 19 Sep 2023 13:51:15 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=112282397&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&ul=en-us&de=UTF-8&dt=Hunter%20Biden%20sues%20IRS%20for%20breaching%20his%20privacy%20rights%20over%20tax%20affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAACACIAB~&jid=737405519&gjid=1269038285&cid=139186784.1695131476&tid=UA-78705427-1&_gid=5024377.1695131476&_r=1&_slc=1&cd3=theguardian.com&cd4=us-news&cd5=article&cd6=usnews&cd7=us-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&cd8=profile%2Fmartin-pengelly&cd9=us-news%2Fhunter-biden%2Cus-news%2Fus-news%2Cus-news%2Fus-politics%2Cus-news%2Fus-taxation&cd10=tone%2Fnews&cd11=&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.88%20Safari%2F537.36&cd29=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&cd30=us&cd43=dotcom-rendering&cd50=news&z=1349533172
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-78705427-1&cid=139186784.1695131476&jid=737405519&gjid=1269038285&_gid=5024377.1695131476&_u=aEBAAUAAEAAAACACIAB~&z=2000831277
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 19 Sep 2023 13:51:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-05-31_HEADER_TEST_R3__US_V2%22%2C%22campaignCode%22%3A%22header_support_2023-05-31_HEADER_TEST_R3__US_V2%22%7D%2C%22action%22%3A%22INSERT%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-05-31_HEADER_TEST_R3__US%22%2C%22variant%22%3A%22V2%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
fpc
at.teads.tv/ 		0
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_2167&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=1YNN&shared_ids=&sv=471b531&
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.56.163 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-56-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:16 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.theguardian.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 19 Sep 2023 13:51:16 GMT
/
www.google.com/pagead/1p-user-list/971225648/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/971225648/?random=1695131475799&cv=9&fst=1695128400000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tiba=Hunter%20Biden%20sues%20IRS%20for%20breaching%20his%20privacy%20rights%20over%20tax%20affairs%20%7C%20Hunter%20Biden%20%7C%20The%20Guardian&async=1&fmt=3&is_vtc=1&random=701534316&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695131476042&ns_c=UTF-8&cs_ucfr=1&comscorekw=Hunter%20Biden%2CUS%20news%2CUS%20politics%2CUS%20taxation&c7=h...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695131476042&ns_c=UTF-8&cs_ucfr=1&comscorekw=Hunter%20Biden%2CUS%20news%2CUS%20politics%2CUS%20taxation&c7=...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695131476042&ns_c=UTF-8&cs_ucfr=1&comscorekw=Hunter%20Biden%2CUS%20news%2CUS%20politics%2CUS%20taxation&c7=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&c8=Hunter%20Biden%20sues%20IRS%20for%20breaching%20his%20privacy%20rights%20over%20tax%20affairs%20%7C%20Hunter%20Biden%20%7C%20The%20Guardian&c9=
Protocol
H2
Server
3.163.80.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-163-80-98.atl58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
via
1.1 538cf444f0c6dac6454a3baf06f65b9e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ATL58-P7
x-amz-cf-id
4857K0jlBMyTXXsPDRaCT4BAn8QZJRYxXOshnDRfmWCHSmXiaKd-4w==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 19 Sep 2023 13:51:16 GMT
via
1.1 538cf444f0c6dac6454a3baf06f65b9e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ATL58-P7
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1695131476042&ns_c=UTF-8&cs_ucfr=1&comscorekw=Hunter%20Biden%2CUS%20news%2CUS%20politics%2CUS%20taxation&c7=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&c8=Hunter%20Biden%20sues%20IRS%20for%20breaching%20his%20privacy%20rights%20over%20tax%20affairs%20%7C%20Hunter%20Biden%20%7C%20The%20Guardian&c9=
content-length
0
x-amz-cf-id
T3PfSbce12D-sOfw86xXhLJV0h3oa3X-HtqYmKO02tYFSkVPwi4BrQ==
3722
config.aps.amazon-adsystem.com/configs/ 		505 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3722
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-26.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
f361a8d3a58f787ce03539da02cad00b9b19addafd25ed1145a6d5a48243d335

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:39:00 GMT
via
1.1 0cf68108b8820db4a096a661da0108ba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
736
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
hKzw9dAa3kSLLieT5w20fGFzJMld5stuYSZ9emtUqtHE-QpmmAREgw==
config
c.amazon-adsystem.com/cdn/prod/ 		188 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3722&u=https%3A%2F%2Fwww.theguardian.com
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
Server /
Resource Hash
be6b3f41d5f79b0ea32be0e1274af5edc62c3b8390af21c967cf2ef4204f66f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 10:12:41 GMT
via
1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
13114
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
188
x-amz-cf-id
K8AZY1M5ku5biaw7E1h6fBprLA1_urG9a-4X_M5nGAwfWR5V2ff--w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
date
Mon, 18 Sep 2023 16:05:32 GMT
x-amz-cf-pop
IAD89-C1
age
78345
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
fOgtalptU2BvtBZNOWONbZt6MIwpKb6pfay31WXfZuGwS-wwWoaAQw==
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-78705427-1&cid=139186784.1695131476&jid=737405519&_u=aEBAAUAAEAAAACACIAB~&z=1153148144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/ 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 06:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
25928
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131810
x-xss-protection
0
server
cafe
etag
9411153894055172020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 18 Sep 2024 06:39:08 GMT
adsct
t.co/i/ 		43 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=76e5527f-c04b-4de9-91af-f5b300e299e2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=aec40bdb-3515-4925-a4ce-468770456a56&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyl43&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time
75
date
Tue, 19 Sep 2023 13:51:15 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
f3ebf0896c8630c7
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ca782e16113dbab446024b4bfbfcd3353f8c91687820bc33ab7cae8a01168972
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=76e5527f-c04b-4de9-91af-f5b300e299e2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=aec40bdb-3515-4925-a4ce-468770456a56&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyl43&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time
81
date
Tue, 19 Sep 2023 13:51:16 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
c26035ec37e0749e
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ad486d33e995458039a2c9241a5f1d95871c1acfef040935094ce0217828d71f
content-length
43
adsct
t.co/i/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=b4afa6c4-cf7f-4b98-a606-2eaa2f12f177&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=aec40bdb-3515-4925-a4ce-468770456a56&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4k9&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time
75
date
Tue, 19 Sep 2023 13:51:16 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
65ccb037aa2fbee4
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ca782e16113dbab446024b4bfbfcd3353f8c91687820bc33ab7cae8a01168972
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b4afa6c4-cf7f-4b98-a606-2eaa2f12f177&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=aec40bdb-3515-4925-a4ce-468770456a56&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4k9&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time
77
date
Tue, 19 Sep 2023 13:51:16 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
3327bee9b81996f7
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ad486d33e995458039a2c9241a5f1d95871c1acfef040935094ce0217828d71f
content-length
43
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-05-31_HEADER_TEST_R3__US_V2%22%2C%22campaignCode%22%3A%22header_support_2023-05-31_HEADER_TEST_R3__US_V2%22%7D%2C%22action%22%3A%22VIEW%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-05-31_HEADER_TEST_R3__US%22%2C%22variant%22%3A%22V2%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
ContributionsEpic.js
contributions.guardianapis.com/modules/v3/epics/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/modules/v3/epics/ContributionsEpic.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16f8db1ce03357a928f76cc40dd1516fc17c49311382dbffd197651395cf6d10

Request headers

Referer
https://assets.guim.co.uk/assets/index.web.0a98fca6c89ffd1c0cf1.js?http3=true
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
mtKXoKai0FGcOwl5jpv3BPdhPMr9X5t2
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Sep 2023 13:51:16 GMT
x-amz-request-id
7JN7Z33FYPAGT4HX
age
8
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-surrogate-control
max-age=300
content-length
43723
x-amz-id-2
FWnMcmePlBGZVYSrk9dtPjqlkqc3cFIXWsWKM+G1asUHTiwG7HOA5QhcUaUdiuwqqUYiU93DML0=
x-served-by
cache-mia-kmia1760028-MIA
last-modified
Thu, 14 Sep 2023 08:34:49 GMT
server
AmazonS3
x-timer
S1695131476.240018,VS0,VE1
etag
"5b8d476ea989b7a4e03c7e2290588747"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
1
pxid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/ 		46 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/pxid?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b76aa5a17bd5b7595e550a44729ba6061ba5857a494c87c8ac913004be265be5

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:16 GMT
an-x-request-uuid
9eb579f0-13c2-49cc-a305-6e4c4e594bd8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
7b8173c1-8f48-41ab-a61d-00efca6fc803
https://www.theguardian.com/ 		738 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.theguardian.com/7b8173c1-8f48-41ab-a61d-00efca6fc803
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49fe7a10f4d8865b1d1e9fef7e807cf8168f1362ede952e87ceda9222ebd3261

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length
755682
Content-Type
40a0828b-e422-434d-85fc-c1e36cbf2448
https://www.theguardian.com/ 		738 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.theguardian.com/40a0828b-e422-434d-85fc-c1e36cbf2448
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49fe7a10f4d8865b1d1e9fef7e807cf8168f1362ede952e87ceda9222ebd3261

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length
755682
Content-Type
geoip
api.permutive.com/v2.0/ 		285 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f826f59070a141c3599d0b89ee2683cb7bf9527dd350a227096f62f45f9144fa

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
watson
api.permutive.com/v2.0/ 		408 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2826ab783d04a9e6446be25431854ccd2515f0fc5b61bea04bcec3c90732dd60

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
259
d6691a17-6fdb-4d26-85d6-b3dd27f55f08-models.bin
cdn.permutive.com/models/v2/ 		40 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-models.bin
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67df3c236a9c020c95e46afef78a12d8b14e9ac89b7a43a5a54e12e69ceb362

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08
age
0
x-guploader-uploadid
ADPycdsV83zgSRdcwPSH_82kHddnHwl3lrP8bLwUHSH9p7_s9pypx7_wBplUaplSw_p6L070DbaWzmPIGBzXPzieO1gvd50oQ7WM
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
29876
last-modified
Tue, 19 Sep 2023 06:03:09 GMT
server
cloudflare
etag
"481ebdceb4bffedc04066944bafd0c1e"
vary
Accept-Encoding
x-goog-generation
1695103389246616
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=J2Ixcw==, md5=SB69zrS//twEBmlEuv0MHg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
29876
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80924d6feb819ac0-MIA
expires
Tue, 19 Sep 2023 13:18:11 GMT
Notice.fb11f.css
sourcepoint.theguardian.com/ Frame 326B 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.fb11f.css
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=1eaed99e-37c4-4cdb-89ae-ce214c1b2c5c&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9fe08a99abfa36a74e11674264fa3b1fd81ebda4e95ddd7c7bdf77a690caef1
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=1eaed99e-37c4-4cdb-89ae-ce214c1b2c5c&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
content-encoding
gzip
via
1.1 bfe91825b1dd213ccc1a59181b997ae4.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
ATL59-P5
age
2275
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-mia-kmia1760035-MIA
last-modified
Thu, 14 Sep 2023 14:04:52 GMT
server
AmazonS3
x-timer
S1695131477.512071,VS0,VE21
etag
W/"0673c7511a5905151b21f2971c43f0e6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
XJeHNhafxRdhPL7CBtrUDoLGpqMMHTkkCbxqhetcFPGLEnvkOqDVvQ==
x-cache-hits
0
polyfills.d36c5.js
sourcepoint.theguardian.com/ Frame 326B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/polyfills.d36c5.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=1eaed99e-37c4-4cdb-89ae-ce214c1b2c5c&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=1eaed99e-37c4-4cdb-89ae-ce214c1b2c5c&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
content-encoding
gzip
via
1.1 625c4f82af400e1a9c2ad531a61fed36.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
ATL59-P5
age
2333
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-mia-kmia1760035-MIA
last-modified
Thu, 14 Sep 2023 14:04:52 GMT
server
AmazonS3
x-timer
S1695131477.512263,VS0,VE14
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
9PRpwHyGXKAc0j5ONVsMfS6zKTWal5v9V1k4cLLwUQ0KPSEqdSlDow==
x-cache-hits
0
Notice.ac8ce.js
sourcepoint.theguardian.com/ Frame 326B 		299 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.ac8ce.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=1eaed99e-37c4-4cdb-89ae-ce214c1b2c5c&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3021fe2d0dfdb7cd1430b4b8bd0cbde53a3e4cf6df939d67fc625bf9ab22294e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=1eaed99e-37c4-4cdb-89ae-ce214c1b2c5c&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
content-encoding
gzip
via
1.1 9768d3869cd25955b086c1904f7610fe.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
ATL59-P5
age
2652
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-mia-kmia1760035-MIA
last-modified
Thu, 14 Sep 2023 14:04:52 GMT
server
AmazonS3
x-timer
S1695131477.512360,VS0,VE14
etag
W/"718e11fdb9f364459460c9fa66190c53"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
FVD6u2jd-CBAIH6Rs0I6aIYtnQXbOu-v3eqXrsYK48QD2NNNsTDucQ==
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
68355445895697a703bc1052f5107c95062017dc0a6eaed9147258abce1445d0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
segment
api.permutive.com/adv/v2/ 		14 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 19 Sep 2023 13:51:16 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527
pubads.g.doubleclick.net/activity;dc_iu=/59666047/ 		42 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/59666047/DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--inline1,ss:%5B1.1,2.2,300.250,300.274,620.350,550.310,300.197%5D,p:/59666047/theguardian.com/us-news/article/ng,t:display%7D&slot=%7Bid:dfp-ad--top-above-nav,ss:%5B1.1,2.2,728.90,940.230,900.250,970.250,88.71,300.197,300.250%5D,p:/59666047/theguardian.com/us-news/article/ng,t:display%7D&slot=%7Bid:dfp-ad--survey,ss:%5B1.1%5D,p:/59666047/theguardian.com/us-news/article/ng,t:display%7D&slot=%7Bid:dfp-ad--right,ss:%5B1.1,2.2,300.250,300.274,300.600%5D,p:/59666047/theguardian.com/us-news/article/ng,t:display%7D&slot=%7Bid:dfp-ad--merchandising-high,ss:%5B1.1,2.2,88.87%5D,p:/59666047/theguardian.com/us-news/article/ng,t:display%7D&slot=%7Bid:dfp-ad--mostpop,ss:%5B1.1,2.2,300.250,300.274,300.600,300.197%5D,p:/59666047/theguardian.com/us-news/article/ng,t:display%7D&slot=%7Bid:dfp-ad--merchandising,ss:%5B1.1,2.2,88.88%5D,p:/59666047/theguardian.com/us-news/article/ng,t:display%7D&slot=%7Bid:dfp-ad--inline2,ss:%5B1.1,2.2,300.250,300.274,300.600,160.600,300.197%5D,p:/59666047/theguardian.com/us-news/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=d2516cf5-4d3a-4290-0cda-f850a7aeb006&url=https%253A%252F%252Fwww.theguardian.com%252Fus-news%252F2023%252Fsep%252F18%252Fhunter-biden-sues-irs-taxes
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.109.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-109-44.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b38bc5ad556ae09ce878ba7829808ec2b47151089f82d7dcfc61260d69c004aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:17 GMT
server
nginx
x-server-name
app19.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
500.png
i.guim.co.uk/img/media/6d6aec079caf868fd5948df959a82f67841d475d/0_0_1628_1317/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/6d6aec079caf868fd5948df959a82f67841d475d/0_0_1628_1317/500.png?width=400&quality=75&s=764f4aed4118b6315798444bd2911ca0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de095c57e54a9d6e85c6d1584912830b4dee9b76837fb194335babe3214ecdc4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:17 GMT
via
1.1 varnish, 1.1 varnish
age
2465251
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=68018 idim=499x404 ifmt=png ofsz=86318 odim=400x324 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
0
content-length
86318
x-served-by
cache-lcy-eglc8600037-LCY, cache-mia-kmia1760035-MIA
server
AmazonS3
x-timer
S1695131477.009283,VS0,VE0
etag
"Wcj1FxcTYo+FeGB6EqBzT7pOf9Rmt+Zvn4oLZx9QkXA"
x-amz-meta-bounds-height
1317
x-amz-meta-bounds-width
1628
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
399, 93
payment-methods.png
assets.guim.co.uk/images/acquisitions/2db3a266287f452355b68d4240df8087/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.guim.co.uk/images/acquisitions/2db3a266287f452355b68d4240df8087/payment-methods.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b19757aa154780ef70b03267727892c9468f3f7944885a6e739e7420f7ea7da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
4HuwWpQs43VWWtPrMAu7Y_5LaTo0jQrz
date
Tue, 19 Sep 2023 13:51:17 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
G7EVKCZQ7YDH8Q4D
age
19811773
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/images/acquisitions/2db3a266287f452355b68d4240df8087/payment-methods.png
fastly-restarts
1
x-amz-id-2
IMkKIW9xZ8+RRZ6y2ErSmwQjhY66w5PvBrphRdF67c/CnlHl9COEb1qsKEewodplOmS5M5+hwZ4=
x-served-by
cache-mia-kmia1760035-MIA
content-length
2448
last-modified
Wed, 01 Feb 2023 10:58:14 GMT
server
AmazonS3
x-timer
S1695131477.009389,VS0,VE0
etag
"2db3a266287f452355b68d4240df8087"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
609
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lmqdieuj73kwojnmctlp&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_EPIC%22%2C%22products%22%3A%5B%22CONTRIBUTION%22%2C%22MEMBERSHIP_SUPPORTER%22%5D%2C%22campaignCode%22%3A%22gdnwb_copts_memco_2023-06-07_EPIC_US_BETSYPRICEASK_V1_BETSYPRICEASK%22%2C%22id%22%3A%22gdnwb_copts_memco_2023-06-07_EPIC_US_BETSYPRICEASK_V1_BETSYPRICEASK%22%2C%22labels%22%3A%5B%5D%7D%2C%22abTest%22%3A%7B%22name%22%3A%222023-06-07_EPIC_US_BETSYPRICEASK%22%2C%22variant%22%3A%22V1_BETSYPRICEASK%22%7D%2C%22action%22%3A%22INSERT%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.213.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-213-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:17 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
GuardianTextEgyptian-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Bold.woff2?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1bf42c2df6fa95e0806bccd64191d78325514d758c455c0d959913a25d6a101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
xekHq02YcWRvptVrpkeT6X.H6lxNoYVW
date
Tue, 19 Sep 2023 13:51:17 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
V3FE74PDHNRH8JQ4
age
19086635
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Bold.woff2?http3=true
fastly-restarts
1
x-amz-id-2
ttblmkGflgaIqLBN6tn0OgbXU7h9+GQOdm1g6G9WP/xaG9BLKIdon7QUue3Y1LFWuhoXqBFe3M4=
x-served-by
cache-mia-kmia1760028-MIA
content-length
17044
last-modified
Fri, 10 Feb 2023 15:45:03 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1695131477.011492,VS0,VE0
etag
"84fb7a78f703a6bea30d38248d76114e"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1136
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ecf132c3795939202e48db4c6a0ef2c4e8ee213ced0018671fe08d3bd59eb4e5

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
ads
securepubads.g.doubleclick.net/gampad/ 		779 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1530110758892106&correlator=741596912312893&eid=44777900%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cus-news%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695131477297&lmt=1695167477&adxs=171&adys=1860&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&vis=1&psz=620x1957&msz=220x0&fws=4&ohw=1600&ga_vid=139186784.1695131476&ga_sid=1695131477&ga_hid=112282397&ga_fc=true&dlt=1695131472017&idt=4684&prev_scp=slot%3Dcarrot&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252Crts%26amtgrp%3D8%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dnews%26p%3Dng%26k%3Dus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpv5v9%26co%3Dmartin-pengelly%26url%3D%252Fus-news%252F2023%252Fsep%252F18%252Fhunter-biden-sues-irs-taxes%26dcre%3Dt%26rc%3D1%26rp%3Ddotcom-rendering%26s%3Dus-news%26sens%3Df%26urlkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%26allkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%252Cus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26ab%3DophanEsmControl-control%26cc%3DUS%26pv%3Dlmqdieuj73kwojnmctlp%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26amznbid%3D0%26amznp%3D0%26prmtvsdk%3Dweb%26puid%3Daf45e442-63d3-4751-bb6d-7347e87f59a0%26prmtvvid%3D51ebc3dc-5899-4bfd-b90e-acee2b1d681a%26prmtvsid%3D6b591827-ad40-4c6e-8f78-a3b58b036366%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dtrue%26ias-kw%3DIAS_1512447_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1507080_PG%252CIAS_6494_KW%252CIAS_1500902_PG&adks=1134728305&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dbf1edc6860757822903508c99bbebdcc30e003853119686a13e014e1437194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
403
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309140101&st=env
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38baea446a33ee46efe9b56ad948573a8f1760c6bc1fa3bfbae1ecfe55a39845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13508
x-xss-protection
0
container.html
4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 883E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 13:51:17 GMT
expires
Wed, 18 Sep 2024 13:51:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 13:51:17 GMT
truncated
/ Frame 326B 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86420e7438ecbeee1c096e6aba233c995fe855317ab0bc96c505b3a8008bbde2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 326B 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4abfad9c48fb0cbf933b3bf8cf92e96a11dbea84adf00976dde20a194bfb59b3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 326B 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92b342ddf2f633909616c56f47285f172ef727770657a2ff2e5bf5cd4c547fed

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
bid
aax.amazon-adsystem.com/e/dtb/ 		134 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&pid=9Q9dQmxlbiNFs&cb=0&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--inline1%22%2C%22s%22%3A%5B%22300x250%22%2C%22620x350%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22c9683a08-5707-41e0-87fa-5c408f687975%22%7D%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
60eb5e627cd4921d07e028792685e1f7ec5575fbfd116728401a3cc5aa1ea7b4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 821023b4a3a311c0d07e08ee75804660.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
M26435DV3S2XE5TFD8NH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
134
x-amz-cf-id
muMPMsGLIzf5rGnRTqVLlRPNBqQMOqPcLhEhOe_FSPZdvsUQStgXYw==
trinity.json
apex.go.sonobi.com/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%7C29bfdf650584f9%22%3A%22300x250%2C620x350%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=ea6a518c-4729-44e7-9e97-3eca4cfad30f&pv=lmqdieuj73kwojnmctlp&vp=desktop&lib_name=prebid&lib_v=7.54.4&us=0&iqid=null&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%2Cpt2%3Dus%2Cpt3%3Darticle%2Cpt4%3Dng%2Cpt5%3Dus-politics%2Cpt5%3Dhunter-biden%2Cpt5%3Dus-news%2Cpt5%3Dus-taxation%2Cpt6%3D0%2Cpt7%3Ddesktop%2Cpt9%3Dlmqdieuj73kwojnmctlp%7Cmartin-pengelly%7Cnews&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ef03fd432411a47f1cfd06a38d814f565629cb99c8698a88e6e1ba8c6d280df1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1504
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=92907116427&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:17 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		179 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&PageUrl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&PageReferrer=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&CanonicalUrl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
1c8f3e3423e9ebcee7922d0d0314a83a6ad5a3f415433ac560e32f6a9fcd50ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:17 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
11
content-length
179
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208206
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca2ddf572ad848172959038c85f59c5403242b68f192dd90815d8e05bf22018

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGXpeNk6wbtPL9eUg4Q2PpvjPJteOrP9D1bs2RlOtKyhft3dpK3LrvmzNQOmYVVHwu3LnHPW%2BMwRZZ2j%2FNTwgWMkYBf46FxW%2F%2BcJ9zpADNwH%2B0UVLaoqjg2mrNNglB1yCvmWm3y9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80924d786b5b8dbe-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
elb.the-ozone-project.com/openrtb2/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de70ce4548225f6260bed036fcdc558041c050d0368b179acdf17138b985eb47

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
80924d787bc5b3c1-MIA
expires
0
auction
tlx.3lift.com/header/ 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.17.145.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-145-177.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
accept-ch
sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.91.9 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
9.91.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b86d40c2f5d8a717c9e5c32f462cef9f15e53a63ffd4a0e3a517f407429f12a

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Sep 2023 13:51:18 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 19 Sep 2023 13:51:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
usage
api.permutive.com/v2.0/tpd/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd/usage?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 37AD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
30067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 05:30:10 GMT
expires
Wed, 18 Sep 2024 05:30:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 09A2 		829 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1d76f32ec0ce0c21dd154daf579d03667b4f62d43748855259d45af422854c39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VdFPexJjYY2R7Q-nb5a4QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-VdFPexJjYY2R7Q-nb5a4QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 13:51:17 GMT
expires
Tue, 19 Sep 2023 13:51:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 37AD 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 06:11:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
373197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 06:11:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 09A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309140101&jk=1530110758892106&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
bid
aax.amazon-adsystem.com/e/dtb/ 		134 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&pid=9Q9dQmxlbiNFs&cb=1&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--top-above-nav%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22c9683a08-5707-41e0-87fa-5c408f687975%22%7D%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
7be1f66ac6d1e1acc62ffbd95d9e25e2c25bc8e5bde3df76842fc43ec7e41f7d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 821023b4a3a311c0d07e08ee75804660.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
5B278WBY946RX59WW69G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
134
x-amz-cf-id
D9tHwdb7BRF72T_N9g4SDzuDjDDcaGB0pUqwV6aQQgYBBgfWTXoMhw==
iu3
s.amazon-adsystem.com/ Frame DE6A
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ox-db5_smrt_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ox-db5_smrt_an-db5_3lift&dcc=t
304 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ox-db5_smrt_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
db1fb31d1ae08be019d1dcbc04c406f4c078e5e5dff9cb4674d540d2915d26f6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
304
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 19 Sep 2023 13:51:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WF48CMPEKN7DQ3Z6TEAT

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 19 Sep 2023 13:51:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ox-db5_smrt_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QFQ3D27RQ9XBPFP9KW1K
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1530110758892106&correlator=741596912312893&eid=44777900%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cus-news%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C300x250%7C300x274%7C620x350%7C550x310&fluid=height&ifi=2&sfv=1-0-40&fsbs=1&sc=1&cookie=ID%3D3b7857fa2335d5ac%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_Mbe1sIARf-DNoRw8-GqbkxYXHa85A&gpic=UID%3D00000d93d68ff1a9%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_MaA0v6LYSwwtWD2mADBzIoKCxW3AA&abxe=1&dt=1695131478193&lmt=1695167478&adxs=411&adys=1350&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&vis=1&psz=620x0&msz=620x0&fws=4&ohw=1600&ga_vid=139186784.1695131476&ga_sid=1695131477&ga_hid=112282397&ga_fc=true&dlt=1695131472017&idt=4684&prev_scp=slot%3Dinline1%26amznbid%3D2%26amznp%3D2%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D300x250%26hb_pb_ozone%3D0.56%26hb_adid_ozone%3D13d5e519c9e2bc7-0-oz-0%26hb_bidder_ozone%3Dozone%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.56%26hb_adid%3D13d5e519c9e2bc7-0-oz-0%26hb_bidder%3Dozone%26oz_size%3D300x250%26oz_adId%3D13d5e519c9e2bc7-0-oz-0%26oz_pb_r%3D0.56%26oz_pb%3D0.5620542%26oz_pb_v%3D2.8.0%26oz_imp_id%3D13d5e519c9e2bc7%26oz_uuid%3Dno-id%26oz_cache_id%3Dno-id%26oz_bid%3Dtrue%26oz_winner%3Dappnexus%26oz_auc_id%3Dd10c1bc3-23c3-4d65-8fab-2fc5b639f286%26oz_appnexus_pb_r%3D0.56%26oz_appnexus_adId%3D13d5e519c9e2bc7-0-oz-0%26oz_appnexus_adv%3Dtaxreliefhelpers.com%26oz_appnexus_crid%3D461884173%26oz_appnexus%3Dappnexus&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252C155919%252Crts%26amtgrp%3D8%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dnews%26p%3Dng%26k%3Dus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpv5v9%26co%3Dmartin-pengelly%26url%3D%252Fus-news%252F2023%252Fsep%252F18%252Fhunter-biden-sues-irs-taxes%26dcre%3Dt%26rc%3D1%26rp%3Ddotcom-rendering%26s%3Dus-news%26sens%3Df%26urlkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%26allkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%252Cus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26ab%3DophanEsmControl-control%26cc%3DUS%26pv%3Dlmqdieuj73kwojnmctlp%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3Daf45e442-63d3-4751-bb6d-7347e87f59a0%26prmtvvid%3D51ebc3dc-5899-4bfd-b90e-acee2b1d681a%26prmtvsid%3D6b591827-ad40-4c6e-8f78-a3b58b036366%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dtrue%26ias-kw%3DIAS_1512447_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1507080_PG%252CIAS_6494_KW%252CIAS_1500902_PG&adks=1077821159&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a268bf60c56c4ab830d2b966f041ab77627a5560202079fea904b1e6198234e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12674
x-xss-protection
0
google-lineitem-id
5681484409
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138446493314
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
hbjson
grid.bidswitch.net/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.91.9 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
9.91.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
43f89f3dc1f04ce6e582ff490add0437b89776f9df970c93fc85b2fb5be7209a

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Sep 2023 13:51:18 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
7898
auction
elb.the-ozone-project.com/openrtb2/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc3d01b7e782d832f6e2b5fac8b5cd200613026ad03d09aa27da62d2352726d

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
80924d7adf53b3c1-MIA
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208206
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b5b91409751a3105641f36be77b6a6c734c2be3f7f29282652085847d602e6

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1M7RSITeTfOAKFBDaV4tCl8fOyo0HELRS95SIRSCAnbgWXmw67o6zHVzZtdWpjtMmg2aPSBVMG9tIaZqMUSu8NbbUh%2BtcAknF53GP5VLtfkQurLXKXmJinMERFKe2XBtDh2DUAW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80924d7adf168dbe-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.17.145.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-145-177.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%7C31a8771bd5c0483%22%3A%22970x250%2C728x90%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=7cbe24cc-d820-4316-90cf-8d1fa5af1871&pv=lmqdieuj73kwojnmctlp&vp=desktop&lib_name=prebid&lib_v=7.54.4&us=0&iqid=null&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%2Cpt2%3Dus%2Cpt3%3Darticle%2Cpt4%3Dng%2Cpt5%3Dus-politics%2Cpt5%3Dhunter-biden%2Cpt5%3Dus-news%2Cpt5%3Dus-taxation%2Cpt6%3D0%2Cpt7%3Ddesktop%2Cpt9%3Dlmqdieuj73kwojnmctlp%7Cmartin-pengelly%7Cnews&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7f4cb2b484ba8d5fb2bedef24d169a480e15d44e9888896c011f5a2ae8b1a1c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1199
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=30333432402&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
generate_204
tpc.googlesyndication.com/ Frame 37AD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?k97aYw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bid
aax.amazon-adsystem.com/e/dtb/ 		134 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&pid=9Q9dQmxlbiNFs&cb=2&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--right%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22c9683a08-5707-41e0-87fa-5c408f687975%22%7D%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
d905d0fb5db368df3e63f1c9118c46a565a8e4ef8a89ba60e36b320c658ffff5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 821023b4a3a311c0d07e08ee75804660.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
63GV5E8E5VBDNQCJEND2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
134
x-amz-cf-id
S_Qaj2G1aH6Js6sqzT6ppSkWgPseBf3-c0wygGKGGqs43anVMjlDMg==
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600024-LCY, cache-mia-kmia1760047-MIA
server
nginx
x-timer
S1695131478.477753,VS0,VE115
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
303ca41ae9289df40dc05bbfead6875203fc507e
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
pr
s.amazon-adsystem.com/v3/ Frame 11A3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ox-db5_smrt_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c6f2a6d946071adf59074fa00d569005f4219f74c04300ae003fb906bef52632
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ox-db5_smrt_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1745
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 19 Sep 2023 13:51:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NC4Z13JK8KTABXPCMV93
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1530110758892106&correlator=741596912312893&eid=44777900%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cus-news%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C728x90%7C940x230%7C900x250%7C970x250%7C88x71&fluid=height&ifi=3&sfv=1-0-40&fsbs=1&sc=1&cookie=ID%3D3b7857fa2335d5ac%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_Mbe1sIARf-DNoRw8-GqbkxYXHa85A&gpic=UID%3D00000d93d68ff1a9%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_MaA0v6LYSwwtWD2mADBzIoKCxW3AA&abxe=1&dt=1695131478605&lmt=1695167478&adxs=0&adys=12&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&vis=1&psz=1600x90&msz=1600x90&fws=516&ohw=1600&ga_vid=139186784.1695131476&ga_sid=1695131477&ga_hid=112282397&ga_fc=true&dlt=1695131472017&idt=4684&prev_scp=slot-fabric%3Dfabric1%26slot%3Dtop-above-nav%26amznbid%3D2%26amznp%3D2%26hb_format_trustx%3Dbanner%26hb_size_trustx%3D970x250%26hb_pb_trustx%3D0.33%26hb_adid_trustx%3D3516d95fdab9c6e%26hb_bidder_trustx%3Dtrustx%26hb_deal_trustx%3DG-TRUSTX-trustxgeneral%26hb_deal%3DG-TRUSTX-trustxgeneral%26hb_ds%3Dtrustx%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D728x90%26hb_pb_ozone%3D0.22%26hb_adid_ozone%3D2219ef8367a99af-0-oz-0%26hb_bidder_ozone%3Dozone%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.33%26hb_adid%3D3516d95fdab9c6e%26hb_bidder%3Dtrustx%26oz_size%3D728x90%26oz_adId%3D2219ef8367a99af-0-oz-0%26oz_pb_r%3D0.22%26oz_pb%3D0.22338347999999997%26oz_pb_v%3D2.8.0%26oz_imp_id%3D2219ef8367a99af%26oz_uuid%3Dno-id%26oz_cache_id%3Dno-id%26oz_bid%3Dtrue%26oz_winner%3Dappnexus%26oz_auc_id%3Db042b248-5fa8-44a2-bc40-73209128a80f%26oz_appnexus_pb_r%3D0.22%26oz_appnexus_adId%3D2219ef8367a99af-0-oz-0%26oz_appnexus_adv%3Dtaxreliefhelpers.com%26oz_appnexus_crid%3D461884156%26oz_appnexus%3Dappnexus&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252C155919%252Crts%26amtgrp%3D8%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dnews%26p%3Dng%26k%3Dus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpv5v9%26co%3Dmartin-pengelly%26url%3D%252Fus-news%252F2023%252Fsep%252F18%252Fhunter-biden-sues-irs-taxes%26dcre%3Dt%26rc%3D1%26rp%3Ddotcom-rendering%26s%3Dus-news%26sens%3Df%26urlkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%26allkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%252Cus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26ab%3DophanEsmControl-control%26cc%3DUS%26pv%3Dlmqdieuj73kwojnmctlp%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3Daf45e442-63d3-4751-bb6d-7347e87f59a0%26prmtvvid%3D51ebc3dc-5899-4bfd-b90e-acee2b1d681a%26prmtvsid%3D6b591827-ad40-4c6e-8f78-a3b58b036366%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dtrue%26ias-kw%3DIAS_1512447_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1507080_PG%252CIAS_6494_KW%252CIAS_1500902_PG&adks=2261041439&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14f7598dd277c75df5375d0b80b84b7ac2e85c07b144e176ae37af4d52526c17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12402
x-xss-protection
0
google-lineitem-id
6115382082
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138221630458
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		324 B
165 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1530110758892106&correlator=741596912312893&eid=44777900%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cus-news%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie=ID%3D3b7857fa2335d5ac%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_Mbe1sIARf-DNoRw8-GqbkxYXHa85A&gpic=UID%3D00000d93d68ff1a9%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_MaA0v6LYSwwtWD2mADBzIoKCxW3AA&abxe=1&dt=1695131478612&lmt=1695167478&adxs=0&adys=416&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&vis=1&psz=1600x6102&msz=1600x0&fws=4&ohw=1600&ga_vid=139186784.1695131476&ga_sid=1695131477&ga_hid=112282397&ga_fc=true&dlt=1695131472017&idt=4684&prev_scp=slot%3Dsurvey&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252C155919%252Crts%26amtgrp%3D8%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dnews%26p%3Dng%26k%3Dus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpv5v9%26co%3Dmartin-pengelly%26url%3D%252Fus-news%252F2023%252Fsep%252F18%252Fhunter-biden-sues-irs-taxes%26dcre%3Dt%26rc%3D1%26rp%3Ddotcom-rendering%26s%3Dus-news%26sens%3Df%26urlkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%26allkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%252Cus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26ab%3DophanEsmControl-control%26cc%3DUS%26pv%3Dlmqdieuj73kwojnmctlp%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3Daf45e442-63d3-4751-bb6d-7347e87f59a0%26prmtvvid%3D51ebc3dc-5899-4bfd-b90e-acee2b1d681a%26prmtvsid%3D6b591827-ad40-4c6e-8f78-a3b58b036366%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dtrue%26ias-kw%3DIAS_1512447_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1507080_PG%252CIAS_6494_KW%252CIAS_1500902_PG&adks=1528203101&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da737ccbbec201544fd60d1ff301c9a6e0d2862027223f0b920a02cfd656dc33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=54322458063&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
elb.the-ozone-project.com/openrtb2/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c00fe9873fa206951e9a3da26c5f65ed797e8345f3cab956d261c2146cdae759

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
80924d7d7b61b3c1-MIA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.91.9 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
9.91.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3f3306a30b6b91ed56f01be4464861efbbbae5a7c836fb49ba91619d622341c

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Sep 2023 13:51:18 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
6970
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&PageUrl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&PageReferrer=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&CanonicalUrl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
a0f4e6bfa01bc2c9eb8934475a54ba0250c939df09a060d3ab3f23f97e685d17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
23
content-length
180
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
tlx.3lift.com/header/ 		19 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.17.145.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-145-177.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208206
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ca77547aad61b4f149f29ea7e0f7100f5e11990ea9f42ef95409df182a63b4

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IwvxIYDUeQKsy%2FtnzQ%2FKl9cc7Dq6HlfEzNoVvVpjCavs%2FlMQ6YqLmRAi%2Fgz1uOFFJiBvIIJA6HuiouHMOqKaQX3xFilkHEbC7lGMtKDyiZmkKKwOyVYEwP%2Bd%2BcxXrIIdlJl7X4F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80924d7d791ad9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
trinity.json
apex.go.sonobi.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%7C52e5521f11d12cc%22%3A%22300x600%2C300x250%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=536b89e7-cdcc-40ca-b39c-b44ab319d743&pv=lmqdieuj73kwojnmctlp&vp=desktop&lib_name=prebid&lib_v=7.54.4&us=0&iqid=null&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%2Cpt2%3Dus%2Cpt3%3Darticle%2Cpt4%3Dng%2Cpt5%3Dus-politics%2Cpt5%3Dhunter-biden%2Cpt5%3Dus-news%2Cpt5%3Dus-taxation%2Cpt6%3D0%2Cpt7%3Ddesktop%2Cpt9%3Dlmqdieuj73kwojnmctlp%7Cmartin-pengelly%7Cnews&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d09ebc53f719c6eb523346ec0b259cf227cf8104d3faa63d781a6a4026bbc636
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1194
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DD20
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b820b5e415f4a9c4d29f2904f89bacc007072fbed17ea3a63c20cd2d762705

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80924d7e19e0d9e1-MIA
content-encoding
br
content-type
text/html
date
Tue, 19 Sep 2023 13:51:18 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZyurTvKeyZnfK6uNEx0Z3Y94SEpCaoLjV%2B767aeav2hdArqu%2B4bhjTowt6OBQ%2FtJi7CIS2y%2BMvAIziROYW%2B%2BDNq5Ty5ICL3pgfOP1D5pjBHWoluPr9CCEFkMPmXmgOCc1Jmkn9y0vBMyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80924d7dab9b8dbe-MIA
content-length
0
date
Tue, 19 Sep 2023 13:51:18 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TD0h7Km7d6aNb1diVo20mbBxquAUiNNLnKep6rDczl5x%2BEKKHR4ljD2zkdaD%2FtoOylFK4u1gdsqWUs8mnY0tNemWszGrgqCr6VGRL4ZDdb3MWrFC9X4ACccgyK25Hf8bb2qrh71OE%2B2%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame D175
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e34366786ac7b3955c2474012f19c2e843d1d2afc4405c0a1539093f12e91372

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
401
content-type
text/html
date
Tue, 19 Sep 2023 13:51:18 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 19 Sep 2023 13:51:18 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 1290
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2457807864703770449&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2457807864703770449&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 19 Sep 2023 13:51:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YNZVSH1YXY41K4EKSX3K

Redirect headers

content-length
0
date
Tue, 19 Sep 2023 13:51:17 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=2457807864703770449&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 005A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120362
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 19 Sep 2023 13:51:18 GMT
expires
Wed, 20 Sep 2023 23:17:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 3E8A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6004480877952621289&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6004480877952621289&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 19 Sep 2023 13:51:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
A44TGXQFEJKPYA50NZ47

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
c09144c2-9bd8-426f-8fee-9d2ff6ac08f9
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:18 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=6004480877952621289&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame C5CE
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2929301841228134313336
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2929301841228134313336
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 19 Sep 2023 13:51:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JARS34ESRYKJEV2ZH2Q7

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 19 Sep 2023 13:51:19 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2929301841228134313336
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame 4EE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRdg9WDLsXnFXUelA3EgFiO-vpbxP_foo0G2N3DRA_VY6CIVspjBN7r91UcTtZS--AaUe9JnlcVVJuNM7E4DyFQ2gY4B9Lw7r5IZpH22n-_loPGLatrqjV1PF1tyuGDgag7wtag8nBSDkPraZDel32xbqEH30EbE5e0Sp2PTrwTJpDCgf7RiyYWWaaTlQo6d_mrYZUiiC1-UfkfQ9b7lzqVr9gob2enYXrZIR0xhxA2XB4mZsU_yYvGmZvJhpwgDJxUSfOEt5dyKxcQpCql9IhJeosJmVeFG3Q8lYyihAwSRgTCSZ2_Dn9xEyHsbf1YZ7HRWaoT_YfxO4dGwoMd4mhp_JBRCDPxfjlQFEQ4DqK&sai=AMfl-YQyFcpy7xmzTsG2QKDvBrrDmsD7zJLUGwwcdR-hmbsIdIMfyobvC5MhZl6E-ERkc61OkEiaN9fQPMQeOnpvwQrExrhv_gayjpzh3ZipXLs3bn4Yhva_im-cSx8tbA&sig=Cg0ArKJSzBLstZPqa-jyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4EE6 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:51:18 GMT
si
capi.connatix.com/tr/ Frame 4EE6 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=e1539617-5658-4d5f-b352-91258ead02d1&cid=982b4f37-b77f-4784-979c-45650448d9a5
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d804a64b3bc-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
connatix.playspace.js
cd.connatix.com/ Frame D08E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.connatix.com/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6061f9487157293ba0c2fd9fe400faaf382ba6aec43c51021eea460a5562ecf0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
80924d7ecc046da3-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
usermatchredir
ssum-sec.casalemedia.com/ Frame DD20
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQmnVqk7MV794SIGn2VaigAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEF9X6QltK3St7IYUgMVFsM8&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEF9X6QltK3St7IYUgMVFsM8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=476s3r1OOukhHI4zxcppGTylVrbXFsyREO%2F6uFZ9iPheON62Bfh94q3k8cu8k7pbwgS9pJDJJq9Zimlq0YTXhK7xelmzUDsjoUWtVP%2BexUj9sT1c4w%2BVtk8EzEU9tHw%2BbR4dALzeHFXEWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d7fecb3d9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEF9X6QltK3St7IYUgMVFsM8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DD20 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQmnVqk7MV794SIGn2VaigAABncAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9GYSQP0Z3A0JPKDRKQFD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DD20
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=82b67018-7d76-4fb5-9b12-469927ce73b2&expiration=1697723479&gdpr=0&gdpr_consent=
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=82b67018-7d76-4fb5-9b12-469927ce73b2&expiration=1697723479&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gr0%2ByqF9ob26aOW%2B0Dr9B7aqdvtWdRWaBX0%2FLNZVsfKvtdAX%2BLPYw4WQDcGZT4LxvHNBWuYZ8ZIbrHrpPBUmVQxamRU5OR6LZ5J1yoRP8S7dMCKLb1DxkRY7dvYGZLSzou1xx61ZHk1xIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d80ce04d9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=82b67018-7d76-4fb5-9b12-469927ce73b2&expiration=1697723479&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame DD20
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQmnVqk7MV794SIGn2VaigAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELucZ1VPSLFatzs4a_1EIZA&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELucZ1VPSLFatzs4a_1EIZA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYrJUoW%2FHtincASpe%2B8qXmpz0ie8MklRohJ4CxoI9mFUee9CCWGA5zDDaBYp5qL6vbYzWcxH7ZSYdbfuIngKeHFyy%2FcHKIehBkUSNvfB6CURDWwxJWWIUPnAkh4oBidvHmJLR%2FoZd2I0Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d7fac6dd9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELucZ1VPSLFatzs4a_1EIZA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZQmnVqk7MV794SIGn2VaigAABncAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DD20
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQmnVqk7MV794SIGn2VaigAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQmnVqk7MV794SIGn2VaigAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZQmnVqk7MV794SIGn2VaigAABncAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZQmnVqk7MV794SIGn2VaigAABncAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
2600:1f18:4e9:5a07:8b66:4b2b:aa38:cca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZQmnVqk7MV794SIGn2VaigAABncAAAIB
date
Tue, 19 Sep 2023 13:51:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame DD20
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQmnVqk7MV794SIGn2VaigAA%261655
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQmnVqk7MV794SIGn2VaigAA%261655&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ASN4OZWLYH6qfn68Hrab&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQmnVqk7MV794SIGn2VaigAA%261655&tc=1
0
0
rum
dsum-sec.casalemedia.com/ Frame DD20
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4038167191623545769
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4038167191623545769
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTWQlIpt3%2Bo%2FX2Oy1bX8nEhU%2BPyCgVCKjFqGwbUjTH8wmmP5yg7q92s1joh%2FWV0MDHhSwe7r2CC%2B91cFn%2Bbs9h2OuK%2FPnu8vipePrniHi%2FvyBGTUItdw40a7X7MMQBS1RhWKybxitjWbtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d818f3cd9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4038167191623545769
pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame DD20
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-nY4QBKbV1VBZ9n4Y1Fx5CaEdko
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-nY4QBKbV1VBZ9n4Y1Fx5CaEdko
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umpjwQmNfPyDTfJgdNKwVVkgahj5QhkjgdPmaVlnFdxlRFWBtPDGqKacANQDUYXTRJ57polHUd0bkgcrImduVTqIu%2BvDMnC9iAa0vXaxjArkkk66KKkepH6K%2B2rcPAe88XRCxqZCr%2BJ%2BIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d7fecb5d9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-nY4QBKbV1VBZ9n4Y1Fx5CaEdko
Date
Tue, 19 Sep 2023 13:51:18 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame DD20 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZQmnVqk7MV794SIGn2VaigAABncAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
981CWMJHJVJSNAQEAJBY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame D175 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=fedd6e08-a0d2-8654-977b-2b36d43f096f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2D26K7DQMDBEJ2R03351
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
32cc7431-2cd4-afe7-66a2-bf54435b0fc6
pr-bh.ybp.yahoo.com/sync/openx/ Frame D175 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/32cc7431-2cd4-afe7-66a2-bf54435b0fc6?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:8b66:4b2b:aa38:cca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame D175 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fedd6e08-a0d2-8654-977b-2b36d43f096f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EZXAVJX0YXFX5ZBZT91K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D175
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a60b1275-bc78-3dae-5775-a9a1bc0cc28f&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=a60b1275-bc78-3dae-5775-a9a1bc0cc28f&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=82b67018-7d76-4fb5-9b12-469927ce73b2&ttd_puid=a60b1275-bc78-3dae-5775-a9a1bc0cc28f&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=82b67018-7d76-4fb5-9b12-469927ce73b2&ttd_puid=a60b1275-bc78-3dae-5775-a9a1bc0cc28f&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=82b67018-7d76-4fb5-9b12-469927ce73b2&ttd_puid=a60b1275-bc78-3dae-5775-a9a1bc0cc28f&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame D175 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGE2NGMxYmYtNzUwZi02MzBhLTQyOTUtZjMxODc2ZWUwY2Vm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D175
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELVJw44r96z_VkX2NmS9EXk&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELVJw44r96z_VkX2NmS9EXk&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELVJw44r96z_VkX2NmS9EXk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
connatix.playspace.js
cds.connatix.com/p/338732/ Frame D08E 		1 MB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1177b039d9385727cd48ccddae0464b4d060e796568592b47c45bddc761c937b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
x-amz-version-id
V9I.OuPiOmyfHtAeTRdXatcoye3woCrJ
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 13:25:52 GMT
server
cloudflare
etag
W/"52948647809227c86f84e822c2dd97f1"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
80924d7f5cd66da3-MIA
access-control-allow-headers
range
expires
Wed, 18 Sep 2024 13:51:18 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		74 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1530110758892106&correlator=741596912312893&eid=44777900%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cus-news%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C300x250%7C300x274%7C300x600&fluid=height&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D3b7857fa2335d5ac%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_Mbe1sIARf-DNoRw8-GqbkxYXHa85A&gpic=UID%3D00000d93d68ff1a9%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_MaA0v6LYSwwtWD2mADBzIoKCxW3AA&abxe=1&dt=1695131478968&lmt=1695167478&adxs=1109&adys=422&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&vis=1&psz=300x1600&msz=300x2&fws=516&ohw=1600&psts=AOrYGsn9IhnZ9_XfX_NsffdcHNENx8KFymGl8QNBKO0AJ-LAdpBLFfPy7nwKl85TesGLV9B7pQVArEFAx532esZ1vPmyeZC-zjzD8g&ga_vid=139186784.1695131476&ga_sid=1695131477&ga_hid=112282397&ga_fc=true&dlt=1695131472017&idt=4684&prev_scp=slot%3Dright%26amznbid%3D2%26amznp%3D2%26hb_format_trustx%3Dbanner%26hb_size_trustx%3D300x250%26hb_pb_trustx%3D0.32%26hb_adid_trustx%3D53ba22ed740b915%26hb_bidder_trustx%3Dtrustx%26hb_deal_trustx%3DG-TRUSTX-b827d08da2714822%26hb_deal%3DG-TRUSTX-b827d08da2714822%26hb_ds%3Dtrustx%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D300x250%26hb_pb_ozone%3D0.19%26hb_adid_ozone%3D39ec6ed1f5d59b2-0-oz-0%26hb_bidder_ozone%3Dozone%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.32%26hb_adid%3D53ba22ed740b915%26hb_bidder%3Dtrustx%26oz_size%3D300x250%26oz_adId%3D39ec6ed1f5d59b2-0-oz-0%26oz_pb_r%3D0.19%26oz_pb%3D0.19068934%26oz_pb_v%3D2.8.0%26oz_imp_id%3D39ec6ed1f5d59b2%26oz_uuid%3Dno-id%26oz_cache_id%3Dno-id%26oz_bid%3Dtrue%26oz_winner%3Dappnexus%26oz_auc_id%3Dd309204b-f0ae-4e67-bad6-e65a081995c4%26oz_appnexus_pb_r%3D0.19%26oz_appnexus_adId%3D39ec6ed1f5d59b2-0-oz-0%26oz_appnexus_adv%3Dprovidentloan.com%26oz_appnexus_crid%3D410223757%26oz_appnexus%3Dappnexus&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252C155919%252Crts%26amtgrp%3D8%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dnews%26p%3Dng%26k%3Dus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpv5v9%26co%3Dmartin-pengelly%26url%3D%252Fus-news%252F2023%252Fsep%252F18%252Fhunter-biden-sues-irs-taxes%26dcre%3Dt%26rc%3D1%26rp%3Ddotcom-rendering%26s%3Dus-news%26sens%3Df%26urlkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%26allkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%252Cus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26ab%3DophanEsmControl-control%26cc%3DUS%26pv%3Dlmqdieuj73kwojnmctlp%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3Daf45e442-63d3-4751-bb6d-7347e87f59a0%26prmtvvid%3D51ebc3dc-5899-4bfd-b90e-acee2b1d681a%26prmtvsid%3D6b591827-ad40-4c6e-8f78-a3b58b036366%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dtrue%26ias-kw%3DIAS_1512447_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1507080_PG%252CIAS_6494_KW%252CIAS_1500902_PG&adks=1669199177&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5acf7e7ffa0982cc72e25c0486c5a23beff613ae22f9fd7cd8f3fd83f2af0366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29877
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 24FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv55DWcXdQqUV6R0qvMjEDUp1hAmU5IQ8wJo56FMYMnKh006pgYSfE9UUlWvvLG6oOUcRDm4NyfXJFSyDt2zuroKtfqBWgP1NJyrevpqq5_tmWqwE9Kq25N0NqrFiMlwPILHqrcHXNABMNTLh_YsVQuqn2MGtJkPjlUsAN3TjSvhlPU-_h5BTcuWEmJmIpgAyTr2NdMkR-_svN1Nfl3ZXCKoOm2ExMJKV8V80zM6sDBkEBF0QHU3KCdG7MP0uXERtpJOqx5o7CyT-BvGgjX74pq5-yoVZ--toofx20S291iduJO5lrHv4KUEkUJJKVJwhK-HXE0lYH46SfHUAPdZQunXk4D-ciW3LrI0cNGhp61&sai=AMfl-YTQaaKjiw_UM0H3lhUSZ5LQBOpjORNZTW6CwXvKBmTFKHe1o36S60_ciknUx9_V7ZIFm6CIPIHv8VX6wFIH4Vk9lyWlZSUs03ruUZEEcpCELyjmL94fvw-TDS373w&sig=Cg0ArKJSzIw-iKp6EhhqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logo.png
d31otfhas71ais.cloudfront.net/images/total_restore/ Frame 24FD 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d31otfhas71ais.cloudfront.net/images/total_restore/logo.png
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:9a00:6:1e88:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d9f9eb2d46ae85b35405642aeafbb3d07264df318e51ef6ef7a87dc1648800e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:11:59 GMT
x-amz-version-id
null
via
1.1 421f55bf919c48fdb315cf78c5d6e1dc.cloudfront.net (CloudFront)
last-modified
Mon, 14 Jan 2019 11:34:48 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
70761
etag
"2375dc69c9ed6c37a7931de10b8fa260"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4483
x-amz-cf-id
AshysD_NW1ap8IulcoX_umt-_run_5iLt8GxvnvuXfqeC_J3bua-ng==
button.png
d31otfhas71ais.cloudfront.net/images/ Frame 24FD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d31otfhas71ais.cloudfront.net/images/button.png
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:9a00:6:1e88:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9658821b2d9d149eb6d868c6ce8811406c6e8fb1f74104eb480264f94836428

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 15:50:40 GMT
x-amz-version-id
null
via
1.1 421f55bf919c48fdb315cf78c5d6e1dc.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2017 11:50:30 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
79240
etag
"b2b37aa9f64082eeedb9670c620baca1"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1549
x-amz-cf-id
qIGEVCaLKMlSMMadID_6FX3_vr3UP6RhmmoHxg3Rh7YlXwU99XZYUQ==
x-amz-meta-s3b-last-modified
20170427T114916Z
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 24FD 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:51:19 GMT
b66d0642396d38de30de98f80e6b8a9d.jpg
de9a11s35xj3d.cloudfront.net/ Frame 24FD 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de9a11s35xj3d.cloudfront.net/b66d0642396d38de30de98f80e6b8a9d.jpg
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c6:8200:17:b93b:fa40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce483b9dd61cb73202dd671869a67d98d16043c8aad59c97171f85847abb4e24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 01:54:57 GMT
via
1.1 91853f8dc83bc719de6524b8581512d4.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL59-P5
age
42983
x-cache
Hit from cloudfront
content-length
152433
last-modified
Thu, 24 Nov 2022 12:51:39 GMT
server
AmazonS3
etag
"b66d0642396d38de30de98f80e6b8a9d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
-Hijwu7D41IkSIb-vHwjcX1tYhl251mO2VXvkCAIHZActyonypur0g==
us.gif
sync.go.sonobi.com/ Frame 24FD
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=bidswitch&seller_network=bidswitch_trustx&bid_id=52f80001-eced-410f-abf7-1a2fdf1daf42&initiator=me&us_privacy=1YNN&gdpr=0
  • https://rtb-use.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&seller_network=bidswitch_trustx&bid_id=52f80001-eced-410f-abf7-1a2fdf1daf42&initiator=me&us_privacy=1YNN&gdpr=0
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=43ff3c35-f210-472d-8f57-4774d043c806&gdpr=0&us_privacy=1YNN
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&us_privacy=1YNN
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&us_privacy=1YNN
Date
Tue, 19 Sep 2023 13:51:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 24FD
Redirect Chain
  • https://us-east-sync.bidswitch.net/sync?ssp=trustx&dsp_id=250&imp=1
  • https://us-east-sync.bidswitch.net/ul_cb/sync?ssp=trustx&dsp_id=250&imp=1
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=trustx&bsw_user_id=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=43ff3c35-f210-472d-8f57-4774d043c806&ssp=trustx
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=43ff3c35-f210-472d-8f57-4774d043c806&ssp=trustx
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 13:51:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
//x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=43ff3c35-f210-472d-8f57-4774d043c806&ssp=trustx
date
Tue, 19 Sep 2023 13:51:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
J-IMU3RK1EeJkYZP8ArR8kwK3due_sXxbBrwBAav-4UH848Be8pYn-GSWInSTWBLUXI_r3TInfv6JkQlz9xD_wxmF9hIy2H-RUOaoA5c8ELPz38PK04gbdqiHms41nOnkT-BJeyBNZw1t6YIp6ALReCuHnf_EGSerXbATXAlb4A0A3divrOrJX8jfINosRodlFa6u...
pdc.bidswitch.net/mimp/ Frame 24FD 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdc.bidswitch.net/mimp/J-IMU3RK1EeJkYZP8ArR8kwK3due_sXxbBrwBAav-4UH848Be8pYn-GSWInSTWBLUXI_r3TInfv6JkQlz9xD_wxmF9hIy2H-RUOaoA5c8ELPz38PK04gbdqiHms41nOnkT-BJeyBNZw1t6YIp6ALReCuHnf_EGSerXbATXAlb4A0A3divrOrJX8jfINosRodlFa6uN1SfOIQVDXnBY9YC3WOGjkxXUgW3Ayya_shJ4MNFQRBn3Jr9BmlF227o2iJjvArtvRVPg_30xmV1njC9PtDopCVGqpYWsJszKeyVu6tufIQva2qZl7LXzFP48TOLUmHKyH4G8EBJbrtM8hDzXrZffKukt2Vet4tCbofeK9q8W4RfD_BH0AEQ4YNaQxnQ9exVA
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.206.254 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
254.206.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 13:51:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
https_A_B_Bpdc.bidswitch.net_Btracking__burl_BJ-IMU3RK1EeJkYZP8ArR8kwK3due__sXxbBrwBAav-4UH848Be8pYn-GSWInSTWBLUXI__r3TInfv6JkQlz9xD__wxmF9hIy2H-RUOaoA5c8ELPz38PK04gbdqiHms41nOnkT-BJeyBNZw1t6YIp6AL...
media.grid.bidswitch.net/imp/a915hrD8wKej91PEmteTXlA0qtj7-qYx75VnbbkcjomAZ7DAnfbJAOCbpbHRNWuqktjOmUPrVjlSsn-GX6ubPAPC0o7GcB9KXccHmM6taZhExBqGB7SCfJYV6rcZ-1_nR5ZyegZ25otE04glBJ_o0JleGiOjSMTyV10jfL5W... Frame 24FD 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.grid.bidswitch.net/imp/a915hrD8wKej91PEmteTXlA0qtj7-qYx75VnbbkcjomAZ7DAnfbJAOCbpbHRNWuqktjOmUPrVjlSsn-GX6ubPAPC0o7GcB9KXccHmM6taZhExBqGB7SCfJYV6rcZ-1_nR5ZyegZ25otE04glBJ_o0JleGiOjSMTyV10jfL5WKbc3PyY2QyNEktGMQH-gsJP5nEGBGmbQiH6yTtHyNDVp1DxcO27NUpEi_H323ZTruoq3P_DwpE8hWvXlsaHI-64Z0omLIgtskWLQrc0N2amlA-NHLe4SXkVSkNE3EfOWOdSRKsZErr9dUlhdt_zHJn9YDFUU8JsUo2ZJNC5UGfjQgVPjEvQwMiC7OlVzMJugFu72IathjBWkIvkV2kiS9nfCtTcgfgRtoPvtow6mnLb39Xcm7Ydx584AjEL1EpjoNwRhqeMDgdQKON-gw1U60Gzfa2md8I7di-mdFT3Dx6-uAiiNZxlxnJxhJL_9l0Oy1RLTMweA1aymr-b5qpNS5EiHqzn-2-TwKqefJo7kz-HrL3tRDE5aL8WGESiZxBdsXxLLi2YDPRK4M3v7Fcd0Z7OmG3-SoTRrxW1myfbYtDTh-unYV1x0ikY8OwN6pnkTD86nyWZVbgcpVcyK_XLZQ2AzOa35HppQO01_aHLG_kso9F2BMVPpGdTgD6-xJS81Y046t90sGZ_DYt6UoXKrGQeRZBwGMT1XDxLmIoAF1WD3w2eTRvYpcNRRwT7aaDPpwpFHsjFkZjZ1TGAUyuOWC6sqVGDNGbBfUuPFZWik0uyqMexSUUYnMbRTV3NVzeN9rCuB-y-gds9VdGhcDqvBhwWVCRoA6Rq3Zz7J9HDcbo8qlc64FgbJQZvyTSHALXqQwVrGthzFKjCmV5UN79SCe30KNzAIIYzogSlankqUTkId16uiUKTHVzEkW6wFKIKRkZIiYwPExHWN8-Z_pKCIQZ-cj5T1UWvhpaSkfQRGtZJq_fCP0lIBg6ZEKUDhm0TGsKft35YtvwlGdSv39mnRkp3ZtvJ9sfP5tnVyjZHQOpotx13AhO2LFdV7EELttHRn5p0U4kVZEgXo5HLihDxkr-EAwhe63kUklXvr4Sdr6qwcC4EYMybTlwlMJfjBHyhyxdMD-nvL2BC9_nyTQgXaCCryH8qxdzuubw8AKAN1td6-dHNBG-B08vGBnva-4KUpME9wfu9-_wCWt6XqjUE4mkBUKb6LkP82e9ZWOl8hbbBVLZEwrosxHtRM/billingWnDfwtgYh5PrvtrxlBc/https_A_B_Bpdc.bidswitch.net_Btracking__burl_BJ-IMU3RK1EeJkYZP8ArR8kwK3due__sXxbBrwBAav-4UH848Be8pYn-GSWInSTWBLUXI__r3TInfv6JkQlz9xD__wxmF9hIy2H-RUOaoA5c8ELPz38PK04gbdqiHms41nOnkT-BJeyBNZw1t6YIp6ALReCuHnf__EGSerXbATXAlb4A0A3divrOrJX8jfINosRodlFa6uN1SfOIQVDXnBY9YC3WOGjkxXUgW3Ayya__shJ4MNFQRBn3Jr9BmlF227o2iJjvArtvRVPg__30xmV1njC9PtDopCVGqpYWsJszKeyVu6tufIQva2qZl7LXzFP48TOLUmHKyH4G8EBJbrtM8hDzXrZffKukt2Vet4tCbofeK9q8W4RfD__BH0AEQ4YNaQxnQ9exVA_B_I_WAUCTION__PRICE_X_Bhttps_U3A_U2F_U2Fghent-gce-sc.bidswitch.net_U2Fimp__s2s_U2F_U24_U7BCLEARING__PRICE_U7D_U2FBSWhttps__A__B__Brtb-use.mfadsrvr.com__Bimp____s2s__Bv3__BCHuo9l1jh0LlSS3-4jexzm8Tz0qeQJvhhJswdJ5zXFOVKBN2Jd-cRHtjZdmL9TzQrymtFTHSep0Efgf5xLOQJe8OktZru____U0RjHndtkd72zJg5DOetnbqbyn640OmTd6jUkA8fgbgKKclGV2M6oPGLxAF____PpkgUmWxWgMK____uindsu5PWU6qq0hj03nRcXn9ujukycp5rBXU95gJ9WCKZMiN32aLNDtK5nPgY1MiMaPrplS0m8MNWk1Ya9gg95p0Wt1pEiPqBV0g43i4trYn8inWTDQIoDfdzNM8mYgBR4QvX46NjRSGJiAo5o2A0jQewqI8X____dN4z306MdiiiXGI8mOWLiGLB1JEjdgSR5Q____R0P57AQSMAn6BZMvXK-7KA9hHspYQtixCppfFOoAZEI90RC-K____xd8XUEq8V4wU2N-80AnkNS9eXGyFCdbG9crE7gPgLhHD2mX7R____nueiflfuE28nMrKQmj13NoNtol9rmEaAg____uRio9Gg3Zc9KF1iDd9pfNUYXsoRu3M__B__I__WAUCTION____PRICE__X__Cq__R1_U2FGH-TsF2eOUnQo2zP6XZ3J8R829msxbc4h32CiTFH3B9dFa8CVpBxaZoSxrSPSnOmODcRnbSlEhI2fmIpLUkYxGInjh__y1sZxkBHAO5Ik1Cf9O5alf6pMLRoL6YKefQwjO0l-GSHizq__U8RI8Rj2i9Pw0IS6pLaeK-aSy4JZ__1HXJ5XO-26Bn3-FupycKxfO55a2ZbJfZ2B3KyunF50D-SdupOQM6WMTGTbCGOJh4IQbx3g5OqkdLTSZg__jNGE7BlIJUsV2YWgogFNAQCmEJcAmmSQ1B8ZPOortyOmhwevVZnstVsmBNOWWqF5Yxt55oZQ4H1p63QsFpoIJkYUq62YAUZoac7rf6NASVNLDp2xtC__VWdr7yaGcTzwuHsdAWlijY4Z-FJIUJnK7R__jMGcErWJPSOnRKvu6bBz1XXpNxBS0KXqw2IxkOlrnvbZuHBH1w68jmxR7rcaPKwQiYJZB2qxFE65pi5EsaOETZbreai5gnziFN4Bt____Hg64CMPl0edSgT8jaKIULr__4C4qdjwMKezNo78BqSWOChWiIbBVXARnKOL-dnAQ7Kv9Pv-4ZWvivYwQEvUzuOXmbOgP-cc2eJbb5v3VMf0bcIPwuMVKsAY3aAHyW5WAymdxrEI7V7FxRhOIMmIbJG5TInOV7kPe96K6u1QiqDzTaODYKd51E__qjmROf-LFzWIqdY6fr__tCRfwU2wtQz1S0i7J1nChp1bO4vpFB-aVIcRjVVN0z6fx2ePDY3azb3trug1j3AitTzxbZDfefpH5tfOgCdKASZnAVTgTA9XNVIKDpfoa86MT3jZt9wu89FYTJUqVS86YNGE7-W8ImaZh7ifv90gbO1o5MX-V1O__IIT-9dzD2-tiX6eRSp1-m9QXTowgcMonm-iJFkm4Al4jTCLsldTgMje0R99spZUhjLb-v01Z7QN1eOhWClW-c7sJrQ-NtahVmdaAU8fb6gNLSUCWjhfiquNz2lwvPbtAo58n4YL7iyNA0SgPrlj6NKuMHkT718n0ugKG8I8__aHtKfWpTXQknfx5EUkmJFHA__8tCFwRNBiiU7MMu02x1k9NKXXZXwxkeUeOGaeQUECu-0kvKnJOO__jfnkEQ2Kuq__Rnw__QoM3ktuoo6KRHTq-Bf11f5qTysbxUiAYYUVxey7nxgYhhlxwue84Nd6Z4OeDjgDInsRFQ9bMXPWSlcDbLbxYKyaitJd6z0gm3fR9JmAzuw2EitIue6DBfqusbRUexskgpZh7vbRYc3oYoTzT8gTuEyY9vk3Aq32rOAEoXODmRee26UUzO7qXfYwsRbn5UvzFwpzjuPzx4zfMXGbBaKPjlXMChsN6RXnggt7N068TKUKx4pn5qSDNA1nX0AqQ1TxPHaCi8g7BWFxdp89rCvYHnLfk5tmntL-T17PJIy1exa6jRbA5b3od6ESba__kKce3XXajHjeCaf__sJx1-LeljIVL0w38_U2F
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.85.235 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
235.85.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 13:51:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 24FD 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=theguardian.com&bid_id=78b7fe2b-5422-4e4a-b7b9-b108a0966d35&ads_txt_id=LPG43R&has_bsw_id=0&bid_price_usd=0.338
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::2 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
pixel
protected-by.clarium.io/ Frame 24FD 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_N29EZ2lUc3E4OFVTNHJyQkcwX054cGFma3JnL3RydXN0eDo5NzB4MjUw&v=5&s=v31hamrbb2j&id=eyJwcmViaWQiOnsiYWRJZCI6IjM1MTZkOTVmZGFiOWM2ZSIsImNwbSI6MC4zMzgsInMiOiJkZnAtYWQtLXRvcC1hYm92ZS1uYXYiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOnRydXN0eDsyOTYzIiwiYWRvbWFpbiI6Ind3dzIudGhlZ3V0cmVoYWIuY29tIn0%3D&cb=9461796&h=www.theguardian.com&d=eyJ3aCI6Ik4yOUVaMmxVYzNFNE9GVlROSEp5UWtjd1gwNTRjR0ZtYTNKbkwzUnlkWE4wZURvNU56QjRNalV3Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsidHJ1c3R4Il0sImhiX3NpemUiOlsiOTcweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.40.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-40-21.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 005A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19503711&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6190e8a10fad3d177e158ce3a75f4654335b5a9b658cf2de25e87bf7f8cd9466

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 19 Sep 2023 13:51:18 GMT
content-length
1766
content-type
text/html; charset=UTF-8
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600031-LCY, cache-mia-kmia1760047-MIA
server
nginx
x-timer
S1695131479.172893,VS0,VE115
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
303ca41ae9289df40dc05bbfead6875203fc507e
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600037-LCY, cache-mia-kmia1760047-MIA
server
nginx
x-timer
S1695131479.173355,VS0,VE115
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
303ca41ae9289df40dc05bbfead6875203fc507e
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600030-LCY, cache-mia-kmia1760047-MIA
server
nginx
x-timer
S1695131479.173876,VS0,VE111
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
303ca41ae9289df40dc05bbfead6875203fc507e
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
sync
capi.connatix.com/core/ Frame D08E
Redirect Chain
  • https://capi.connatix.com/core/sync?v=338732
  • https://capi.connatix.com/core/sync?v=338732&tier=1&final=true&ImplementationType=0
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync?v=338732&tier=1&final=true&ImplementationType=0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c032fecbd4bde8a8a2b19b225c3275289c35c31add3fd68a6d8fa8b7af965341

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d822a3edb2d-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 19 Sep 2023 13:51:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?v=338732&tier=1&final=true&ImplementationType=0
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d815bd1b3bc-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
connatix.playspace.css
cds.connatix.com/p/338732/ 		117 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/338732/connatix.playspace.css
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1492af2467ea07e575057df710c439960399d3f693c6a2186e48436a211d5cc7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
x-amz-version-id
65Df37u9tWq9Whls.ADu8pX_uzpQze3q
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 13:25:52 GMT
server
cloudflare
etag
W/"ac0105d5bc3c3923d4d85c1fdaee676b"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
80924d815f586da3-MIA
access-control-allow-headers
range
expires
Wed, 18 Sep 2024 13:51:19 GMT
truncated
/ Frame 4EE6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4da9e7d938d6d5c3f7ccd6ee234d8c733ea87dc1b548f0b296a843430c00f39

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/ad3744977286899089e7/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Sep 2023 13:51:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4EE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstCDhhTkuItTZ-9O9kZ8FLjs3QIWfmFT4qccv2MIJPiN-c71MmBPnbaLgzMxTnWOvFnmi6EvUw2WYBFrSIwnxgpQGtZZm9YwNVsTQAhdxHiNA3knpetMqlUdYcBqaL2OrkVssId-WFUOx0EuKFXVeqJOG1HOoUnEJmoAk28-uWHvQnhDvlfgBawm5tHEOufzYnUvGZvaInkMBNEgVrht7Dr580j2uNcCvufIJFcKu4uxiFXkqU_Wr99Es9_tVFcqH1SjByiE9uMpyKsVxfkIRXNTBXMNBkpkAD9V5YQf-JSaXjWbdnqWFqz9XQ76CW6QETyo6RNWcZ2n8_7E5dFFZdEWyCeK7FFWIVJZ-oLA_Rcbw&sai=AMfl-YQxj2UXmTrK1h--dJ_RD3JIIVawLLeS10350VzN-DVLLSuQ51rMmmmyfelnGlhMsOjFxKdvoy1OEfcT2vlrs8Se3x9BFOb9-_F6xcfPsH7KhT-kE8csqaILlafReQ&sig=Cg0ArKJSzAgKeX_d9aCeEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Sep 2023 13:51:19 GMT
truncated
/ Frame 24FD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a081b1e4efba17fc7c5b83c7b3547b3e15712018f5a74c10cd09dd69776c8393

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame DED5 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10249&campId=970x250&pubId=4499194706&chanId=85273887&placementId=6115382082&pubCreative=138221630458&pubOrder=3085351805&custom=article&custom2=top-above-nav&custom3=us&adsafe_par&impId=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.109.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-109-44.compute-1.amazonaws.com
Software
/
Resource Hash
6387f4413f039cf311fe4e04a1c621e77e78a2f6ab64de2c8ef4e3d3e4a59e89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ucl
capi.connatix.com/tr/ Frame D08E 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ucl?v=338732
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d821a3adb2d-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
story
capi.connatix.com/core/ Frame D08E 		280 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=338732&cid=982b4f37-b77f-4784-979c-45650448d9a5
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac80e38c234ac0e4fbdc83cd9c4105ee21368521e66a09af01166bd2d1698be

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d822a3ddb2d-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
dcm
s.amazon-adsystem.com/ Frame 4A2A 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 19 Sep 2023 13:51:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WJW1G967PYCJE9T1ACVT
ecm3
s.amazon-adsystem.com/ Frame D54B 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 19 Sep 2023 13:51:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
HTZZ17C0RVW8BQW0HF2Y
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 005A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fhvyr2LCQY6jqtEB-1tDCA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=120361
accept-ranges
bytes
content-length
5606
expires
Wed, 20 Sep 2023 23:17:20 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 005A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e1bcbec7-523a-459a-8da1-fcef22f02ef7%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=82b67018-7d76-4fb5-9b12-469927ce73b2&ttd_puid=e1bcbec7-523a-459a-8da1-fcef22f02ef7%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=82b67018-7d76-4fb5-9b12-469927ce73b2&ttd_puid=e1bcbec7-523a-459a-8da1-fcef22f02ef7%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=82b67018-7d76-4fb5-9b12-469927ce73b2&ttd_puid=e1bcbec7-523a-459a-8da1-fcef22f02ef7%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 005A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%207E1BF2AF-62C2-418E-A3AA-D101FB5B4308&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 005A 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 19 Sep 2023 13:51:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 005A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0UxQkYyQUYtNjJDMi00MThFLUEzQUEtRDEwMUZCNUI0MzA4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 005A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELGyL1iZ6bakWsWyVe_4kpY&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELGyL1iZ6bakWsWyVe_4kpY&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELGyL1iZ6bakWsWyVe_4kpY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 005A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E69D8D1ECFEA418DA3FD1181D44F5557
42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E69D8D1ECFEA418DA3FD1181D44F5557
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 19 Sep 2023 13:51:19 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E69D8D1ECFEA418DA3FD1181D44F5557
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 18 Sep 2023 13:51:19 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 005A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=82b67018-7d76-4fb5-9b12-469927ce73b2&gdpr=0&gdpr_consent=
42 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=82b67018-7d76-4fb5-9b12-469927ce73b2&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=82b67018-7d76-4fb5-9b12-469927ce73b2&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 005A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LRGG0QNE2uXdYp46NSTmTX_HSkSefDU-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LRGG0QNE2uXdYp46NSTmTX_HSkSefDU-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_ox-db5_smrt_pm-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LRGG0QNE2uXdYp46NSTmTX_HSkSefDU-~A&gdpr=0
date
Tue, 19 Sep 2023 13:51:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
container.html
4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6077 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202309181129/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 13:51:19 GMT
expires
Wed, 18 Sep 2024 13:51:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 032B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theguardian.com&us_privacy=1YNN
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 13:51:19 GMT
server
Kestrel
server-processing-duration-in-ticks
328325
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.141.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.141.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Sep 2023 13:51:19 GMT
main.19.8.439.js
static.adsafeprotected.com/ Frame DED5 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244b:3a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 01:29:24 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 6404cdb50fd2dd8e3eb3ff38e3f60b92.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL59-P8
age
1599716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
spVjAASZddh4lBC9BPmAdJQwhxkEZIqjyggYxpiar5ZJaW-BWF4ZyQ==
log
protected-by.clarium.io/ Frame 6077 		0
0
log
protected-by.clarium.io/ Frame 6077 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.40.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-40-21.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-max-age
access-control-allow-methods
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
pixel
protected-by.clarium.io/ Frame 6077 		0
0
insights.bin
ins.connatix.com/7da8465f-98c8-4d61-a3c1-ea0f07ad94b6/708b86ee-7dab-4dac-ab1f-8b445f8a708c/ Frame D08E 		648 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/7da8465f-98c8-4d61-a3c1-ea0f07ad94b6/708b86ee-7dab-4dac-ab1f-8b445f8a708c/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93c2eb8e1ec99a554039350d0e78119271045184cb17dec8ece94050e333d12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Sep 2023 13:29:57 GMT
server
cloudflare
etag
W/"aab467e1b121cf38198d6d3b03c7138c"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
80924d87ac4a031c-MIA
alt-svc
h3=":443"; ma=86400
expires
Wed, 18 Sep 2024 13:51:20 GMT
blockedDomains_1.bin
lit.connatix.com/08d7f5c8-0e77-43a0-8f82-a0e3b21a8414/ Frame D08E 		0
0
insights.bin
ins.connatix.com/21dd7f0fc43451fc1433b6100d134270/ Frame D08E 		504 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/21dd7f0fc43451fc1433b6100d134270/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0739a00c2da860ed48ca432fca706434f75a182c107fda9328d0be9e3ead33d1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 14:53:00 GMT
server
cloudflare
etag
W/"041b95e52f46e3816a38fca8e915ccdf"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
80924d87ac4e031c-MIA
alt-svc
h3=":443"; ma=86400
expires
Wed, 18 Sep 2024 13:51:20 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dIndex%26api-tier%3d1%26uid%3d&gdpr=0
  • https://cks.connatix.com/cks?pid=17&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Index&api-tier=1&uid=ZQmnVqk7MV794SIGn2VaigAA%261655
139 B
157 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Index&api-tier=1&uid=ZQmnVqk7MV794SIGn2VaigAA%261655
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa5ed0822f984bd2845d2627101cdbe0228720a9597f165c872d855075bb5d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d884fc76da3-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvZLhSQ7iSrrGt29OlqP0RrohzperRu2%2FpiVms7SeCeTIh0fbz6ngwAurePDdFs3e%2ByOsIYKPFLERBSe1RvwOAl8q3qXYpOJTr7BxvTehPceZ4v8i8QmpVdfi4i9br1N%2BcorNo8y"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cks.connatix.com/cks?pid=17&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Index&api-tier=1&uid=ZQmnVqk7MV794SIGn2VaigAA%261655
cache-control
no-cache
cf-ray
80924d874c4e8dbe-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid}&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&g...
  • https://cks.connatix.com/cks?pid=15&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Beeswax&api-tier=1&uid=AABSyE7KE08AABXBedE9gw&gdpr=0
132 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Beeswax&api-tier=1&uid=AABSyE7KE08AABXBedE9gw&gdpr=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535d706b769b18ed77e16079b8ba1ea85275717e378fec8b5007872f54937622

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d89dc875c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Beeswax&api-tier=1&uid=AABSyE7KE08AABXBedE9gw&gdpr=0
Date
Tue, 19 Sep 2023 13:51:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=82b67018-7d76-4fb5-9b12-469927ce73b2&ttl=1697723480
146 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=82b67018-7d76-4fb5-9b12-469927ce73b2&ttl=1697723480
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863a415169ccca63f57929b2c9a463ca7e5cf3e4ef7d9688ea957a47c5a21087

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d87bf346da3-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cks.connatix.com/cks?pid=19&uid=82b67018-7d76-4fb5-9b12-469927ce73b2&ttl=1697723480
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dAmobee%26api-tier%3d1%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Amobee&api-tier=1&uid=4038167191623545769
129 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=21&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Amobee&api-tier=1&uid=4038167191623545769
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0ceff56a6cf2add3b3f2ddf8a0194e3917afd8858579b6644369cf098aac5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d87bf376da3-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=21&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Amobee&api-tier=1&uid=4038167191623545769
pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d25%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dTripleLift%26api-tier%3d1%26uid%3d%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=25&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=TripleLift&api-tier=1&uid=2929301841228134313336
132 B
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=25&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=TripleLift&api-tier=1&uid=2929301841228134313336
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4398278fdaa6aed7509ca833f331aaff9bcab606bc42f7bf08ae98880b5350cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d87bf3b6da3-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=25&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=TripleLift&api-tier=1&uid=2929301841228134313336
date
Tue, 19 Sep 2023 13:51:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=6&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=AppNexus&api-tier=1&uid=6004480877952621289&gdpr=0
128 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=AppNexus&api-tier=1&uid=6004480877952621289&gdpr=0
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f872665443e03f8d7f0eea45c771f2bbe16f7f18d130b848e62dabbaf2553af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d87bf3a6da3-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
an-x-request-uuid
f78b09dd-96cb-4ef8-b4fe-4bc4f8ffdec5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cks.connatix.com/cks?pid=6&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=AppNexus&api-tier=1&uid=6004480877952621289&gdpr=0
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 5AFB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
0
0
/
de.tynt.com/deb/ Frame F2E5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26DemandPartnerN...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26DemandPartnerName%3d_3...
0
0
userSync.js
ads.pubmatic.com/AdServer/js/ Frame D08E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:55 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=133887
accept-ranges
bytes
content-length
2358
expires
Thu, 21 Sep 2023 03:02:47 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d13%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dPulsePoint%26api-tier%3d1%26uid%3d%...
  • https://cks.connatix.com/cks?pid=13&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=PulsePoint&api-tier=1&uid=mHb9MxhElbck
122 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=13&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=PulsePoint&api-tier=1&uid=mHb9MxhElbck
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c93586b68ad6ada08514c26a5e5b540c3127428b1cf41127a9f44475bcad85a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d894bdb5c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cks.connatix.com/cks?pid=13&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=PulsePoint&api-tier=1&uid=mHb9MxhElbck
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-f59c96d6-rwzqm
expires
-1
cks
cks.connatix.com/
Redirect Chain
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dCrimtan%26api-tier%3d1%26uid%3d%5Buser_id%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=28&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Crimtan&api-tier=1&uid=32c718dfa6824e369b7a7d6ac7326e2d
142 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=28&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Crimtan&api-tier=1&uid=32c718dfa6824e369b7a7d6ac7326e2d
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43deedf35812e91fe2c85eb44184bbc2970f06e231accf2c1b06ee62fddf1acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d88ba975c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:19 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cks.connatix.com/cks?pid=28&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Crimtan&api-tier=1&uid=32c718dfa6824e369b7a7d6ac7326e2d
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d18%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dLoopMe%26api-tier%3d1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
  • https://cks.connatix.com/cks?pid=18&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=LoopMe&api-tier=1&uid=e3ec73e8-177a-454e-9747-183cb0ae5a93&pubid=11186&gdpr=0
146 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=18&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=LoopMe&api-tier=1&uid=e3ec73e8-177a-454e-9747-183cb0ae5a93&pubid=11186&gdpr=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7453d4bae4ee6075ef272977ae4823eb982f5c76dde43e342273b5f914488e02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d8a2cfa5c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=18&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=LoopMe&api-tier=1&uid=e3ec73e8-177a-454e-9747-183cb0ae5a93&pubid=11186&gdpr=0
date
Tue, 19 Sep 2023 13:51:20 GMT
server
_
content-length
0
1000.gif
id.rlcdn.com/
Redirect Chain
  • https://id.rlcdn.com/712202.gif?cparams=8b22f0bd8f2445f586e9bdb7b722bc5c&gdpr=0
  • https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNjOpqgGEgUI6AcQAEIASiA4YjIyZjBiZDhmMjQ0NWY1ODZlOWJkYjdiNzIyYmM1Yw
42 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNjOpqgGEgUI6AcQAEIASiA4YjIyZjBiZDhmMjQ0NWY1ODZlOWJkYjdiNzIyYmM1Yw
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 19 Sep 2023 13:51:20 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNjOpqgGEgUI6AcQAEIASiA4YjIyZjBiZDhmMjQ0NWY1ODZlOWJkYjdiNzIyYmM1Yw
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId}&...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dCentro%26api-tier%3d1%26uid%3...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D8b22f0b...
  • https://cks.connatix.com/cks?pid=9&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Centro&api-tier=1&uid=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0
159 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=9&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Centro&api-tier=1&uid=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7de4def25eed67f6cf96742b3cbb2d0f1a8a29a1136892206959bea84437e4a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:21 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d8f1e6f5c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 19 Sep 2023 13:51:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://cks.connatix.com/cks?pid=9&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Centro&api-tier=1&uid=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d39%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dYieldMo%26api-tier%3d1%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=YieldMo&api-tier=1&uid=3RY4877dd47k2vCTamAM&gdpr=0
130 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=39&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=YieldMo&api-tier=1&uid=3RY4877dd47k2vCTamAM&gdpr=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b4345acdb5d126291d66538e7b1b8a3ab06e2c96d5ee29a23ce631e5064cd0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d89dc865c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cks.connatix.com/cks?pid=39&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=YieldMo&api-tier=1&uid=3RY4877dd47k2vCTamAM&gdpr=0
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=8b22f0bd8f2445f586e9bdb7b722bc5c&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dTel...
  • https://cks.connatix.com/cks?pid=5&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Telaria&api-tier=1&uid=25e0218b837a4d609b8243d7572ecd43
141 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=5&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Telaria&api-tier=1&uid=25e0218b837a4d609b8243d7572ecd43
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bf600e3e50a5dfb86a46ea3f69bd2f9f420e5f4a4e90ab164459b166cce695

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d897c125c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Telaria&api-tier=1&uid=25e0218b837a4d609b8243d7572ecd43
date
Tue, 19 Sep 2023 13:51:20 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=fb55237c846da97555cd2ba61913148a&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=fb55237c846da97555cd2ba61913148a&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d89def1db2d-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:20 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=fb55237c846da97555cd2ba61913148a&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695131480543011-164
sync-iframe
cs-server-s2s.yellowblue.io/ Frame CBCA 		3 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.199.244.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-244-199.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
content-type
text/html
date
Tue, 19 Sep 2023 13:51:20 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
sync.min.js
tags.crwdcntrl.net/lt/c/17331/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.87.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-87-78.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 16:15:12 GMT
content-encoding
gzip
via
1.1 6bcc5cb16e0756268a257daab0f6082c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 16:12:35 GMT
server
AmazonS3
x-amz-cf-pop
MIA3-C1
age
77769
etag
W/"24dc2bbea0cff17e96e133440043ddb8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
2Mp65RNfNC3zT2VOZZlOHetcLYJmeTXvwyercK6p9nGjc5vecV4h1A==
cks
cks.connatix.com/
Redirect Chain
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=8b22f0bd8f2445f586e9bdb7b722bc5c&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d34%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c...
  • https://cks.connatix.com/cks?pid=34&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Colossus&api-tier=1&uid=4ff280b4-ccca-4802-984b-a28963753e9a
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=34&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Colossus&api-tier=1&uid=4ff280b4-ccca-4802-984b-a28963753e9a
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b50781866a411fdfa9b2d78a0da31f51274fa82fd29a430f650de0807557afc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d8a7dde5c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://cks.connatix.com/cks?pid=34&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Colossus&api-tier=1&uid=4ff280b4-ccca-4802-984b-a28963753e9a
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d1%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dSundaySky%26api-tier%3d1%26uid%3d%24{ssky_uuid}&gdpr=0&_...
  • https://cks.connatix.com/cks?pid=1&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=SundaySky&api-tier=1&uid=d6.0c41150b2c8b46f2b8f09b92b071c3d9
144 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=1&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=SundaySky&api-tier=1&uid=d6.0c41150b2c8b46f2b8f09b92b071c3d9
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb37ef3a325b6fa1146f0be4029747263f253e213563ab3bfe6c97fa8be184f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d8b5f385c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=1&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=SundaySky&api-tier=1&uid=d6.0c41150b2c8b46f2b8f09b92b071c3d9
date
Tue, 19 Sep 2023 13:51:20 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
x-xss-protection
1; mode=block
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d35%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dResetDigital%26api-tier%3d1%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=ResetDigital&api-tier=1&uid=000001111AEF1D75
126 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=35&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=ResetDigital&api-tier=1&uid=000001111AEF1D75
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba7f667413918678fd919a585c75d72b13c59aaeeb8ca0ac1eda0c5dacfcf570

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d8be8975c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=35&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=ResetDigital&api-tier=1&uid=000001111AEF1D75
date
Tue, 19 Sep 2023 13:51:20 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
psync
xsync.iqzone.com/ 		0
0
cks
cks.connatix.com/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d43%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dSonobi%26api-tier%3d1%26uid%3D%5BUID%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=43&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Sonobi&api-tier=1&uid=4c45ded7-0750-4102-8166-76edcf238ee4
146 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=43&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Sonobi&api-tier=1&uid=4c45ded7-0750-4102-8166-76edcf238ee4
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d463e50eec4ebfe75a372a4f3781323ca5034a592345043a0fa442b2fec8a4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d87bf396da3-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cks.connatix.com/cks?pid=43&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Sonobi&api-tier=1&uid=4c45ded7-0750-4102-8166-76edcf238ee4
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d29%26ev%3d8b22f0bd8f2445f586e...
  • https://cks.connatix.com/cks?pid=29&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Adelphic&api-tier=1&uid=2614e276-f9cb-4563-921d-53cf34d28197
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=29&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Adelphic&api-tier=1&uid=2614e276-f9cb-4563-921d-53cf34d28197
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6259639f58417fafcc1b2292af568e017a0880ee9ee4878833e2475b5630a67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d8c19375c63-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://cks.connatix.com/cks?pid=29&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=Adelphic&api-tier=1&uid=2614e276-f9cb-4563-921d-53cf34d28197
Date
Tue, 19 Sep 2023 13:51:20 GMT
Connection
keep-alive
X-CI-RTID
3f452a9d-187e-4cc1-b216-b4fcb7a17a89
Content-Length
177
Content-Type
text/html; charset=utf-8
us
capi.connatix.com/core/ Frame D08E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d8b22f0bd...
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=8b22f0bd8f2445f586e9bdb7b722bc5c&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=6a3162d2-15e4-0041-1964-0a9d2887a9f1
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=8&UserId=8b22f0bd8f2445f586e9bdb7b722bc5c&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=6a3162d2-15e4-0041-1964-0a9d2887a9f1
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
80924d87aba0db2d-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://capi.connatix.com/core/us?DemandPartner=8&UserId=8b22f0bd8f2445f586e9bdb7b722bc5c&DemandPartnerName=OpenX&tier=1&DemandPartnerUserId=6a3162d2-15e4-0041-1964-0a9d2887a9f1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame D08E 		0
0
pixel
cm.g.doubleclick.net/ Frame D08E
Redirect Chain
  • https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=OGIyMmYwYmQ4ZjI0NDVmNTg2ZTliZGI3YjcyMmJjNWM&extra1=8b22f0bd8f2445f586e9bdb7b722bc5c&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....
0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&pid=9Q9dQmxlbiNFs&cb=3&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--right%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22c9683a08-5707-41e0-87fa-5c408f687975%22%7D%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 821023b4a3a311c0d07e08ee75804660.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
0R2ATF3B7NW9VA2B19JM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
pnozefqMFlAL45SFBs-7mTbCZUlsqTMMQHv2XHKPMA7xNgCRjK61MA==
non-refreshable-line-items.json
www.theguardian.com/commercial/ 		11 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theguardian.com/commercial/non-refreshable-line-items.json
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3257bf18ae27db7e5e263c861cd979440647112ef03b8b8db173c0c5d403ba8d
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri https://*.gracenote.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri https://*.gracenote.com
age
278
x-gu-edition
us
content-length
4872
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-timer
S1695131480.232367,VS0,VE0
etag
W/"hash-9220759110699737912"
x-gu-frontend-git-commit-id
303ca41ae9289df40dc05bbfead6875203fc507e
onion-location
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/commercial/non-refreshable-line-items.json
content-type
application/json
x-frame-options
SAMEORIGIN
cache-control
max-age=900, stale-while-revalidate=90, stale-if-error=864000, private,no-transform
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=()
vary
Accept-Encoding,User-Agent
accept-ranges
bytes
json
gum.criteo.com/sid/ Frame 032B 		0
0
trinity.json
apex.go.sonobi.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%7C5635f550bc4c43c%22%3A%22300x600%2C300x250%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fus-news%2Farticle%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=82539d09-8609-48d3-9f42-7563920a90c9&pv=lmqdieuj73kwojnmctlp&vp=desktop&lib_name=prebid&lib_v=7.54.4&us=0&iqid=null&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes%2Cpt2%3Dus%2Cpt3%3Darticle%2Cpt4%3Dng%2Cpt5%3Dus-politics%2Cpt5%3Dhunter-biden%2Cpt5%3Dus-news%2Cpt5%3Dus-taxation%2Cpt6%3D0%2Cpt7%3Ddesktop%2Cpt9%3Dlmqdieuj73kwojnmctlp%7Cmartin-pengelly%7Cnews&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
fc6aca76f1369af9e61088b65a96ff94f3a1bb7baa680bf020869bb06e9ed0fa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1182
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208206
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164337642c576042eaa82d533242c334dc9521848b0bb5f5ff568ca67e0fa9fc

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvIe3wmOyMX%2FuGgpWRpdscM%2Bh6XcRMet4ef9odvMgrQ%2Bw5CcSBP4RDF615SAIgYmkN2RBhMuT8u8N2hDLqTmUOWEiOfdHk6nzawuubqRNB1UABtqnkXL5tNUK4q4y%2FEeglj5K3X6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80924d879884d9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.17.145.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-145-177.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
accept-ch
sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&PageUrl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&PageReferrer=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&CanonicalUrl=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
8bb4eedeadb762f5d727ee9be0184748c41960d50d59f74ad8d8839a98b951c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
9
content-length
180
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hbjson
grid.bidswitch.net/ 		24 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.91.9 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
9.91.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
36fd321528cbd7b53230b9f423cf7c59bb05eb3fcc889fe6c5cbb3ce830ef65e

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Sep 2023 13:51:20 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
translator
hbopenbid.pubmatic.com/ 		11 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
62fd3168098a3c691cdd6bb7733ee625696f69b6ea0ea9f015a3a8f96632756b

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-type
application/json
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=141&profileId=185&av=36&wv=7.54.4&cb=83217167159
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
fbc8d72285caf24f438e04a9eed96e2a4486fab81113ee4f19fdc1e14b81c5ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
auction
elb.the-ozone-project.com/openrtb2/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b91ccd9f9aaf52b43455d455344f2db729f7c2d083733d323efec1e7a680409

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
80924d87ab33b3c1-MIA
expires
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 0560 		0
0
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10249&campId=970x250&pubId=4499194706&chanId=85273887&placementId=6115382082&pubCreative=138221630458&pubOrder=3085351805&custom=article&custom2=top-above-nav&custom3=us&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&adsafe_type=abcedfq&adsafe_jsinfo=,id:f6206093-60e3-40a8-f1b4-8df9d92fda62,c:oD3q5e,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-689ccbfc59-z2txh,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.24.970.250,am:i,cc:315.24.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:632,mot:0,app:0,maw:0,fm:tQjkW8y+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1713%7C17141%7C17142%7C1715%7C1716%7C181%7C19*.10249%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:698,oid:9c52874b-56f3-11ee-8a0e-c2f422b78b55,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.109.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-109-44.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
server
nginx
x-server-name
app14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10249&asId=f6206093-60e3-40a8-f1b4-8df9d92fda62&tv=%7Bc:oD3q5f,pingTime:-8,time:699,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:699,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:697,wc:0.0.1600.1200,ac:315.24.970.250,am:i,cc:315.24.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B63~100%5D,as:%5B63~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tQjkW8y+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1713%7C17141%7C17142%7C1715%7C1716%7C181%7C19*.10249%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:699%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6781:2538:d349:ce7f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10249&asId=f6206093-60e3-40a8-f1b4-8df9d92fda62&tv=%7Bc:oD3q5D,pingTime:0,time:723,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:697%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:723,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:697,wc:0.0.1600.1200,ac:315.24.970.250,am:i,cc:315.24.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~100%5D,as:%5B86~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tQjkW8y+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1713%7C17141%7C17142%7C1715%7C1716%7C181%7C19*.10249%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:699%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6781:2538:d349:ce7f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ucl
capi.connatix.com/tr/ Frame D08E 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame D08E 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d97f307b6be72b93868b4c5b344fd59a87d15985306dc6a52ca8b1080bfc772e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29412
x-xss-protection
0
server
cafe
etag
526 / 19619 / m202309140101 / config-hash: 16551161024270559891
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:51:20 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D08E 		0
0
708b86ee-7dab-4dac-ab1f-8b445f8a708c.bin
vid.connatix.com/pid-e1539617-5658-4d5f-b352-91258ead02d1/7da8465f-98c8-4d61-a3c1-ea0f07ad94b6/ Frame D08E 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 24FD 		0
0
user-matching
ads.stickyadstv.com/ Frame CBCA 		0
0
/
csync.loopme.me/ Frame CBCA 		0
0
us
sync.go.sonobi.com/ Frame CBCA 		0
0
sync
ssbsync.smartadserver.com/api/ Frame CBCA 		0
0
rtset
bh.contextweb.com/bh/ Frame CBCA 		0
0
cm
us-u.openx.net/w/1.0/ Frame CBCA 		0
0
v1
match.sharethrough.com/universal/ Frame CBCA 		0
0
https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ Frame CBCA 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame CBCA 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame CBCA 		0
0
/
ssc-cms.33across.com/ps/ Frame CBCA 		0
0
getuid
ib.adnxs.com/ Frame CBCA 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame CBCA 		0
0
pbsync
ads.yieldmo.com/ Frame CBCA 		0
0
cksync.php
contextual.media.net/ Frame CBCA 		0
0
rise
sync.1rx.io/usersync2/ Frame CBCA 		0
0
services
sync.technoratimedia.com/ Frame CBCA 		0
0
cks
cks.connatix.com/ Frame CBCA 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 24FD 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4EE6 		0
0
iev
csm.va.us.criteo.net/ Frame 032B 		0
0
iex
csm.va.us.criteo.net/ Frame 032B 		0
0
connatix.omsdk.service-web.js
cds.connatix.com/p/plugins/ 		0
0
connatix.omsdk.session.client-1.4.2.js
cds.connatix.com/p/plugins/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/connatix.omsdk.session.client-1.4.2.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a317045407e197c827358d312af14bc2abd9abe54ae1e8a75381a9e812dcc99

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
x-amz-version-id
A8F1_e4vwY1KEtRlHmqPnGHTZpMg8LMf
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 23 May 2023 10:40:37 GMT
server
cloudflare
etag
W/"604d09b454a403c6b255a788099368ac"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
80924d894a363714-MIA
access-control-allow-headers
range
expires
Wed, 18 Sep 2024 13:51:20 GMT
events
bidder.criteo.com/csm/ 		0
197 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Tue, 19 Sep 2023 13:51:20 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		682 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5b3632fdcd9f397eff034fcd7b14976432cefa384334d1e3b69a2730e3cf2f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
map
bcp.crwdcntrl.net/6/ 		156 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.19.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-19-153.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c4ae3df9e8faab7b1bb930af7ebd4893b07078b30495ef03b1358d7ad1bdf2c1

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
x-server
10.40.46.210
access-control-allow-credentials
true
content-length
156
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1530110758892106&correlator=3442797190020017&eid=44777900%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cus-news%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C300x250%7C300x274%7C300x600&fluid=height&ifi=6&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D3b7857fa2335d5ac%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_Mbe1sIARf-DNoRw8-GqbkxYXHa85A&gpic=UID%3D00000d93d68ff1a9%3AT%3D1695131477%3ART%3D1695131477%3AS%3DALNI_MaA0v6LYSwwtWD2mADBzIoKCxW3AA&abxe=1&dt=1695131480703&lmt=1695167480&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsn9IhnZ9_XfX_NsffdcHNENx8KFymGl8QNBKO0AJ-LAdpBLFfPy7nwKl85TesGLV9B7pQVArEFAx532esZ1vPmyeZC-zjzD8g%2CAOrYGskoEVyt-TGjjgsrn6woyq-6b2ok6msKMF1MSKj8zhG-m7HgSQxlaoGX9qkeXFNct56IjJOl1bt_pggw16dJKYq86D-F5KbmYA&ga_vid=139186784.1695131476&ga_sid=1695131477&ga_hid=112282397&ga_fc=true&dlt=1695131472017&idt=4684&prev_scp=slot%3Dright%26amznbid%3D2%26amznp%3D2%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D300x250%26hb_pb_ozone%3D0.56%26hb_adid_ozone%3D7102e04ed874029-0-oz-0%26hb_bidder_ozone%3Dozone%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.24%26hb_adid%3D7432e69c4255aa6%26hb_bidder%3Dpubmatic%26oz_size%3D300x250%26oz_adId%3D7102e04ed874029-0-oz-0%26oz_pb_r%3D0.56%26oz_pb%3D0.5620542%26oz_pb_v%3D2.8.0%26oz_imp_id%3D7102e04ed874029%26oz_uuid%3Dno-id%26oz_cache_id%3Dno-id%26oz_bid%3Dtrue%26oz_winner%3Dappnexus%26oz_auc_id%3Db166fd8a-01df-4535-88c0-78d518ed26c1%26oz_appnexus_pb_r%3D0.56%26oz_appnexus_adId%3D7102e04ed874029-0-oz-0%26oz_appnexus_adv%3Dtaxreliefhelpers.com%26oz_appnexus_crid%3D461884173%26oz_appnexus%3Dappnexus%26confiant%3D4%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D1.24%26hb_adid_pubmatic%3D7432e69c4255aa6%26hb_bidder_pubmatic%3Dpubmatic%26hb_format_criteo%3Dbanner%26hb_size_criteo%3D300x600%26hb_pb_criteo%3D0.69%26hb_adid_criteo%3D729ec21479a98a%26hb_bidder_criteo%3Dcriteo%26refreshed%3Dtrue&cust_params=permutive%3D23527%252C54759%252C83434%252C131644%252C151037%252C155919%252Crts%26amtgrp%3D8%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D0%26edition%3Dus%26tn%3Dnews%26p%3Dng%26k%3Dus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpv5v9%26co%3Dmartin-pengelly%26url%3D%252Fus-news%252F2023%252Fsep%252F18%252Fhunter-biden-sues-irs-taxes%26dcre%3Dt%26rc%3D1%26rp%3Ddotcom-rendering%26s%3Dus-news%26sens%3Df%26urlkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%26allkw%3Dhunter%252Cbiden%252Csues%252Cirs%252Ctaxes%252Cus-politics%252Chunter-biden%252Cus-news%252Cus-taxation%26ab%3DophanEsmControl-control%26cc%3DUS%26pv%3Dlmqdieuj73kwojnmctlp%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3Daf45e442-63d3-4751-bb6d-7347e87f59a0%26prmtvvid%3D51ebc3dc-5899-4bfd-b90e-acee2b1d681a%26prmtvsid%3D6b591827-ad40-4c6e-8f78-a3b58b036366%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fra%3Dtrue%26ias-kw%3DIAS_1512447_PG%252CIAS_1508625_PG%252CIAS_1500690_PG%252CIAS_1507080_PG%252CIAS_6494_KW%252CIAS_1500902_PG&adks=1669199177&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b06612c6b5eee5513b2ccd73dbe8e56d08ee8aeca5992cabae45d51d4aff4321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12368
x-xss-protection
0
google-lineitem-id
6116820202
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138223245118
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dyHsdt19wZ2o3TXBKWFolMkJOWVVuaWdhTDhiOEY2YVFkd3dsejc1dTdoeWxnMHo5YnMlM0Q%26u%3d%24%7bUSER_ID%...
  • https://ssp-sync.criteo.com/user-sync/match?p=yHsdt19wZ2o3TXBKWFolMkJOWVVuaWdhTDhiOEY2YVFkd3dsejc1dTdoeWxnMHo5YnMlM0Q&u=AABSyE7KE08AABXBedE9gw&us_privacy=1YNN
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=yHsdt19wZ2o3TXBKWFolMkJOWVVuaWdhTDhiOEY2YVFkd3dsejc1dTdoeWxnMHo5YnMlM0Q&u=AABSyE7KE08AABXBedE9gw&us_privacy=1YNN
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=yHsdt19wZ2o3TXBKWFolMkJOWVVuaWdhTDhiOEY2YVFkd3dsejc1dTdoeWxnMHo5YnMlM0Q&u=AABSyE7KE08AABXBedE9gw&us_privacy=1YNN
Date
Tue, 19 Sep 2023 13:51:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=d8Qx-F9kdWJsSEJMRmVLZDh2OTIxWXhOd2ttaXpOM3N3OXNCSzB6Y0tnS1hTakZVJTNE&gdpr=&gdpr_consent=&us_privacy=1YNN&cr_user_id=k-znmBCJVnWfb5v_tOnFph_0kkIK0...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-znmBCJVnWfb5v_tOnFph_0kkIK0uDMoab9ySzw&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=d8Qx-F9kdWJsSEJMRmVLZDh2OTIxWXhOd2ttaXpOM3N3OXNCSzB6Y0tnS1hTakZVJTNE&u=3665747f-ad52-4ec2-90c3-53acd2e2f29c
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=d8Qx-F9kdWJsSEJMRmVLZDh2OTIxWXhOd2ttaXpOM3N3OXNCSzB6Y0tnS1hTakZVJTNE&u=3665747f-ad52-4ec2-90c3-53acd2e2f29c
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=d8Qx-F9kdWJsSEJMRmVLZDh2OTIxWXhOd2ttaXpOM3N3OXNCSzB6Y0tnS1hTakZVJTNE&u=3665747f-ad52-4ec2-90c3-53acd2e2f29c
Date
Tue, 19 Sep 2023 13:51:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dmb8n7F9NT3pUdW5palN5OHhaWmFEZ0JIODJmdjA0bVVycUxveUdZUXR6d2tIZEFJJTNE%26u%3d%3cTUID%3...
  • https://ssp-sync.criteo.com/user-sync/match?p=mb8n7F9NT3pUdW5palN5OHhaWmFEZ0JIODJmdjA0bVVycUxveUdZUXR6d2tIZEFJJTNE&u=c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=mb8n7F9NT3pUdW5palN5OHhaWmFEZ0JIODJmdjA0bVVycUxveUdZUXR6d2tIZEFJJTNE&u=c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=mb8n7F9NT3pUdW5palN5OHhaWmFEZ0JIODJmdjA0bVVycUxveUdZUXR6d2tIZEFJJTNE&u=c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
date
Tue, 19 Sep 2023 13:51:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
55986
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600024-LCY, cache-mia-kmia1760047-MIA
server
nginx
x-timer
S1695131481.814983,VS0,VE120
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
303ca41ae9289df40dc05bbfead6875203fc507e
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
8140ed15f69a1e8d4f9be7548fcf56bf1073ceb2ce609387bd8fdc0985698c9b

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9211 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/ad3744977286899089e7/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120359
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 19 Sep 2023 13:51:21 GMT
expires
Wed, 20 Sep 2023 23:17:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 1FAD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNN&
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/ad3744977286899089e7/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
be26002cf69cf44108b36ead9da522c344c4bed69a9d4a505b427eb6740d2568

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1304
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:21 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame DE8E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/ad3744977286899089e7/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
342
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
80924d8dffe721d9-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 19 Sep 2023 13:51:21 GMT
expires
Tue, 19 Sep 2023 17:51:21 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ Frame 11C2 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/ad3744977286899089e7/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50eb870b8700be4c8462acb148814db55da13df007fc6913cb99f453c1cac019

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80924d8d9c86b3c1-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:21 GMT
expires
0
last-modified
Mon, 18 Sep 2023 15:51:00 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=3665747f-ad52-4ec2-90c3-53acd2e2f29c&google_hm=MzY2NTc0N2YtYWQ1Mi00ZWMyLTkwYzMtNTNhY2QyZTJmMjlj
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEJtRxRn58IHQETxWw8Vpl0&google_cver=1&ssp=sonobi&bsw_param=3665747f-ad52-4ec2-90c3-53acd2e2f29c
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=&gdpr_consent=&us_privacy=
49 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 19 Sep 2023 13:51:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
insync
thrtle.com/
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10072&vxii_pdid=4c45ded7-0750-4102-8166-76edcf238ee4
  • https://thrtle.com/insync?vxii_pdid=4c45ded7-0750-4102-8166-76edcf238ee4&vxii_pid=12&vxii_pid1=10072&vxii_rcid=b118a5f0-c43f-4d73-bee0-376bb490e24b
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pdid=4c45ded7-0750-4102-8166-76edcf238ee4&vxii_pid=12&vxii_pid1=10072&vxii_rcid=b118a5f0-c43f-4d73-bee0-376bb490e24b
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
3.231.182.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-182-141.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 19 Sep 2023 13:51:21 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?vxii_pdid=4c45ded7-0750-4102-8166-76edcf238ee4&vxii_pid=12&vxii_pid1=10072&vxii_rcid=b118a5f0-c43f-4d73-bee0-376bb490e24b
date
Tue, 19 Sep 2023 13:51:21 GMT
content-type
text/html; charset=utf-8
content-length
182
p3p
CP="NOI OUR BUS UNI COM NAV"
ecm3
s.amazon-adsystem.com/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=4c45ded7-0750-4102-8166-76edcf238ee4
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZE4YDTTBSH70RBHCPYJA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4c45ded7-0750-4102-8166-76edcf238ee4
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De1bcbec7-523a-459a-8da1-fcef22f02ef7%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6004480877952621289&pt=e1bcbec7-523a-459a-8da1-fcef22f02ef7%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6004480877952621289&pt=e1bcbec7-523a-459a-8da1-fcef22f02ef7%2C%2C
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
an-x-request-uuid
8a4ca06a-b026-4a6e-a045-26781f42023f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6004480877952621289&pt=e1bcbec7-523a-459a-8da1-fcef22f02ef7%2C%2C
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
all
ssl-market-east.smrtb.com/sync/ 		0
0
30907
tags.bluekai.com/site/ 		62 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=4c45ded7-0750-4102-8166-76edcf238ee4
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.218 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 19 Sep 2023 13:51:21 GMT
content-length
62
content-type
image/gif
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=d089631d2d&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=82b67018-7d76-4fb5-9b12-469927ce73b2&pubid=d089631d2d
49 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=82b67018-7d76-4fb5-9b12-469927ce73b2&pubid=d089631d2d
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=82b67018-7d76-4fb5-9b12-469927ce73b2&pubid=d089631d2d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=4c45ded7-0750-4102-8166-76edcf238ee4
  • https://pippio.com/api/sync?pid=5324&it=1&iv=833aff72e406fb782560e05d3ef932f9a6b4f23cdfacc0191d8fe057f11b1122791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=833aff72e406fb782560e05d3ef932f9a6b4f23cdfacc0191d8fe057f11b1122791426b5417dce21&rand=06012780
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=833aff72e406fb782560e05d3ef932f9a6b4f23cdfacc0191d8fe057f11b1122791426b5417dce21&rand=06012780
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:25 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 26E29F886380436592BB1382D9C4D041 Ref B: MIAEDGE2316 Ref C: 2023-09-19T13:51:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFto4JQ1th2kckrCHP0g==

Redirect headers

date
Tue, 19 Sep 2023 13:51:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=833aff72e406fb782560e05d3ef932f9a6b4f23cdfacc0191d8fe057f11b1122791426b5417dce21&rand=06012780
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=4c45ded7-0750-4102-8166-76edcf238ee4&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=c3ZZX29wOUtNZVJseG5tQmUwUkU0QQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEP5AvkdEmAv9qPt7ayYDEN0&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=mHb9MxhElbck
49 B
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=mHb9MxhElbck
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=mHb9MxhElbck
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-f59c96d6-rwzqm
expires
-1
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=4c45ded7-0750-4102-8166-76edcf238ee4
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=4c45ded7-0750-4102-8166-76edcf238ee4
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=4c45ded7-0750-4102-8166-76edcf238ee4
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
HTTP/1.1
Server
52.86.10.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-10-106.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0efd41092.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dO4ji8I+QzI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v049-04a6a5c12.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
O3xn0ZffTA0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=4c45ded7-0750-4102-8166-76edcf238ee4
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=0d26ae77-6dac-0aa1-2c4d-a0879e3a83ca
49 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=0d26ae77-6dac-0aa1-2c4d-a0879e3a83ca
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 19 Sep 2023 13:51:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=0d26ae77-6dac-0aa1-2c4d-a0879e3a83ca
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
info2
uipglob.semasio.net/sonobi/1/
Redirect Chain
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=4c45ded7-0750-4102-8166-76edcf238ee4&sInitiator=external
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=4c45ded7-0750-4102-8166-76edcf238ee4&sInitiator=external
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=4c45ded7-0750-4102-8166-76edcf238ee4&sInitiator=external
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:27 GMT
Frontend-ID
4
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:27 GMT
Frontend-ID
2
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/sonobi/1/info2?sType=sync&sExtCookieId=4c45ded7-0750-4102-8166-76edcf238ee4&sInitiator=external
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-V.Jf8TtE2uEqSIhIBpf2SCTHUywwESxXwePyato-~A
49 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-V.Jf8TtE2uEqSIhIBpf2SCTHUywwESxXwePyato-~A
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-V.Jf8TtE2uEqSIhIBpf2SCTHUywwESxXwePyato-~A
date
Tue, 19 Sep 2023 13:51:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NGM0NWRlZDctMDc1MC00MTAyLTgxNjYtNzZlZGNmMjM4ZWU0
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESECdODFpmou7qCajxtPKc_5Q&google_cver=1
49 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESECdODFpmou7qCajxtPKc_5Q&google_cver=1
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESECdODFpmou7qCajxtPKc_5Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=2929301841228134313336
49 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=2929301841228134313336
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=2929301841228134313336
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
match.bnmla.com/ 		0
0
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		0
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=4c45ded7-0750-4102-8166-76edcf238ee4
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.78.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-78-45.atl58.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:21 GMT
via
1.1 cb8f9eeabb5079cbcdbabdbd476ce1a2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
ATL58-P5
vary
Origin
access-control-allow-methods
POST, GET
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
x-cache
Miss from cloudfront
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
content-length
0
x-amz-cf-id
Vrq3BAuROmpU2mazk51KF3JwVSOZqBQiXvgoafosg2yvoYJ8pM1mlA==
alt-svc
h3=":443"; ma=86400
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=4c45ded7-0750-4102-8166-76edcf238ee4&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=9a8c4d0b-1fd3-48ce-9f2c-60465c51989a
49 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=9a8c4d0b-1fd3-48ce-9f2c-60465c51989a
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=9a8c4d0b-1fd3-48ce-9f2c-60465c51989a
date
Tue, 19 Sep 2023 13:51:21 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
user-sync
sync.adkernel.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=43ff3c35-f210-472d-8f57-4774d043c806
49 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=43ff3c35-f210-472d-8f57-4774d043c806
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=43ff3c35-f210-472d-8f57-4774d043c806
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=50e9ac084d244783a9ac084d24c78341
49 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=50e9ac084d244783a9ac084d24c78341
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 19 Sep 2023 13:51:21 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.theguardian.com
location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=50e9ac084d244783a9ac084d24c78341
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
10.gif
id5-sync.com/c/434/1246/0/
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=4c45ded7-0750-4102-8166-76edcf238ee4&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=4c45ded7-0750-4102-8166-76edcf238ee4&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/434/796/8/2.gif?puid=2614e276-f9cb-4563-921d-53cf34d28197&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/7/3.gif?puid=e1bcbec7-523a-459a-8da1-fcef22f02ef7&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/6/4.gif?puid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/441/5/5.gif?puid=u_127b9e15-6fec-4b46-8749-7842a0f0127f&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/4/6.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/2/4/6.gif?puid=6004480877952621289&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F3%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/3/7.gif?puid=2101faaa-8bdf-4080-a6a1-d4b63334a6a2&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AABSyE7KE08AABXBedE9gw&id5AccountNum=155&numCascadesAllowed=9
  • https://ce.lijit.com/merge?pid=85&3pid=AABSyE7KE08AABXBedE9gw&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1241%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://ce.lijit.com/merge?pid=85&3pid=AABSyE7KE08AABXBedE9gw&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1241%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/1241/1/9.gif?puid=HWPfiRZHLE13_QiPRl2H0AHU&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=6004480877952621289&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdp...
  • https://id5-sync.com/c/434/1246/0/10.gif?puid=HWPfiRZHLE13_QiPRl2H0AHU&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/434/1246/0/10.gif?puid=HWPfiRZHLE13_QiPRl2H0AHU&gdpr=0&gdpr_consent=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
HTTP/1.1
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 19 Sep 2023 13:51:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/434/1246/0/10.gif?puid=HWPfiRZHLE13_QiPRl2H0AHU&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ID1=4c45ded7-0750-4102-8166-76edcf238ee4
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=4c45ded7-0750-4102-8166-76edcf238ee4
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Tue, 19 Sep 2023 13:51:21 GMT
server
Apache-Coyote/1.1
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=6004480877952621289
49 B
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=6004480877952621289
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
an-x-request-uuid
c36d19d7-63da-4980-ab9e-4317d715a79c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=6004480877952621289
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1783777325356003384
49 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1783777325356003384
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1783777325356003384
Date
Tue, 19 Sep 2023 13:51:21 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=ASN4OZWLYH6qfn68Hrab&pi=sonobi
49 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=ASN4OZWLYH6qfn68Hrab&pi=sonobi
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=ASN4OZWLYH6qfn68Hrab&pi=sonobi
pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT, Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1FAD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=82b67018-7d76-4fb5-9b12-469927ce73b2&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=82b67018-7d76-4fb5-9b12-469927ce73b2&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=82b67018-7d76-4fb5-9b12-469927ce73b2&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 1FAD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyOTMwMTg0MTIyODEzNDMxMzMzNg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1FAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG_jUlzM1KkD-vqj6ZdAJkk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG_jUlzM1KkD-vqj6ZdAJkk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG_jUlzM1KkD-vqj6ZdAJkk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1FAD
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyOTMwMTg0MTIyODEzNDMxMzMzNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyOTMwMTg0MTIyODEzNDMxMzMzNg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyOTMwMTg0MTIyODEzNDMxMzMzNg%3D%3D
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 1FAD 		0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2929301841228134313336&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:20 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EF36A5D75B3C4556888A36328FB4A8CD Ref B: MIAEDGE2316 Ref C: 2023-09-19T13:51:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFto3K9M2OAymGUrBaZg==
xuid
eb2.3lift.com/ Frame 1FAD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2929301841228134313336?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-S563JQ9E2oRbtdSc4oMd0oqVYWJVc.PKL6VVrx_wyA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-S563JQ9E2oRbtdSc4oMd0oqVYWJVc.PKL6VVrx_wyA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 19 Sep 2023 13:51:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-S563JQ9E2oRbtdSc4oMd0oqVYWJVc.PKL6VVrx_wyA--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame 1FAD 		42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2929301841228134313336&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 753B8723E6C2498A8A65C690E0A582EF Ref B: MIAEDGE1816 Ref C: 2023-09-19T13:51:21Z
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 1FAD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2929301841228134313336&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=b3ad9a4a-198f-43ce-928b-fa9b4088c476&ssp=triplelift&expires=30&user_group=5&bsw_param=3665747f-ad52-4ec2-90c3-53acd2e2f29c
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=3665747f-ad52-4ec2-90c3-53acd2e2f29c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 19 Sep 2023 13:51:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 1FAD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=2101faaa-8bdf-4080-a6a1-d4b63334a6a2&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=2101faaa-8bdf-4080-a6a1-d4b63334a6a2&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:20 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=2101faaa-8bdf-4080-a6a1-d4b63334a6a2&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
559311
content-length
0
expires
Tue, 19 Sep 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1FAD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6004480877952621289&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6004480877952621289&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
an-x-request-uuid
136c64ae-994b-42c5-9e74-7c3f5d1c78a5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=6004480877952621289&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9211 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3657359&p=157206&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5c5b58e7b055b2e29aec56744d40c756431857020eaab738da60074b5861df9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 19 Sep 2023 13:51:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 3792 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c138bd05bbb31298f5496e9c1ce784e24cf8779b76c8a8d8cfbd6fd382323b62

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80924d8e4a09d9e1-MIA
content-encoding
br
content-type
text/html
date
Tue, 19 Sep 2023 13:51:21 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKx%2F1KwXF3LMzXcEDonjcpn88c6jNJuT1gu41wXc0cfees2YkKYj20J%2FVaVlT39NF2mjHSEfvwoREiKmz5Ew40wHZCjdo4KqhE%2FOdJzLxa63g2K7e%2FMku6MvExKri%2BrdQNHfPTDISo%2FEaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ Frame 11C2 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:21 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
80924d8eacd91273-MIA
cookie_sync
elb.the-ozone-project.com/ Frame 11C2 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bc06b5ce5c4f8f9b2be719b3f15c6bd3d01cafbd42869cd0a0128c635e874f4

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
80924d8e5dbeb3c1-MIA
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 16D2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6004480877952621289&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6004480877952621289&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
77ce8b37-2262-4034-981f-6e611c8d874b
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:21 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6004480877952621289&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame C465
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCU3lFN0tFMDhBQUJYQmVkRTlndw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABSyE7KE08AABXBedE9gw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2457807864703770449&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AABSyE7KE08AABXBedE9gw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2457807864703770449%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2457807864703770449&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?uid=AABSyE7KE08AABXBedE9gw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2457807864703770449%26gdpr%3D0%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2457807864703770449&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSyE7KE08AABXBedE9gw&gdpr=0
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSyE7KE08AABXBedE9gw&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 19 Sep 2023 13:51:22 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSyE7KE08AABXBedE9gw&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 3EFD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQmnaAARlMmTaAAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 19 Sep 2023 13:51:36 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760026-MIA
x-timer
S1695131497.573487,VS0,VE26

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 19 Sep 2023 13:51:36 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQmnaAARlMmTaAAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760026-MIA
x-timer
S1695131481.455126,VS0,VE15090
141
match.deepintent.com/usersync/ Frame 658F 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Tue, 19 Sep 2023 13:51:21 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 29A9
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9d8d946a-56f3-11ee-8af4-6e5154bc90cf
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9d8d946a-56f3-11ee-8af4-6e5154bc90cf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Tue, 19 Sep 2023 13:51:21 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9d8d946a-56f3-11ee-8af4-6e5154bc90cf
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-1
Pug
image2.pubmatic.com/AdServer/ Frame 8D16
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wzGnbpQzom7YPKc2xjK6Z8cwoDHYPfM0lzO9c0S3
42 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wzGnbpQzom7YPKc2xjK6Z8cwoDHYPfM0lzO9c0S3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 19 Sep 2023 13:51:21 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wzGnbpQzom7YPKc2xjK6Z8cwoDHYPfM0lzO9c0S3
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
insync
thrtle.com/ Frame 9211 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.182.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-182-141.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 19 Sep 2023 13:51:21 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 9211 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 9211 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.73.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-73-196.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 9211 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.238.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-238-251.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 19 Sep 2023 13:51:21 GMT
7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9211 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7E1BF2AF-62C2-418E-A3AA-D101FB5B4308?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:8b66:4b2b:aa38:cca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 9211
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6c06099102c1310&is_secure=true&networkId=17100&version=1&nuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALymlFxLFK9QNDixQQAAAAAAA&expiration=1695217881&nuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&...
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALymlFxLFK9QNDixQQAAAAAAA&expiration=1695217881&nuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALymlFxLFK9QNDixQQAAAAAAA&expiration=1695217881&nuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9211
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2614e276-f9cb-4563-921d-53cf34d28197&gdpr=0&gdpr_consent=
1 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2614e276-f9cb-4563-921d-53cf34d28197&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2614e276-f9cb-4563-921d-53cf34d28197&gdpr=0&gdpr_consent=
Date
Tue, 19 Sep 2023 13:51:21 GMT
Connection
keep-alive
X-CI-RTID
b11bc307-4f6d-4446-b7ae-3d520a4d5b6d
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame 9211
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0&gdpr_consent=
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ZQmnVqk7MV794SIGn2VaigAABncAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3792 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZQmnVqk7MV794SIGn2VaigAABncAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:8b66:4b2b:aa38:cca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 3792
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6004480877952621289
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6004480877952621289
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R16FpXgU%2FkoHAASxX1roP6cfdheb00Qn5Ql8WtTXpU1c%2FI51GGyULuQ%2BvTNEe%2BcGWXDFO8fZ%2BNX834mS1wVm%2FlH2twRu0p614S8nCB2ZX4abw43Is31tXrUSJeSZpu5EsvLDr4R2CjW%2F5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d8f4ba5d9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
an-x-request-uuid
43bbba60-e006-43ed-bb92-013c59969946
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6004480877952621289
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 3792 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZQmnVqk7MV794SIGn2VaigAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.133 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:21 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1695131481420034-301
rum
dsum-sec.casalemedia.com/ Frame 3792
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZQmnWQAOVyVQXgA4
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQmnWQAOVyVQXgA4&_test=ZQmnWQAOVyVQXgA4
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQmnWQAOVyVQXgA4&_test=ZQmnWQAOVyVQXgA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuuXXB2CsgNNxu1seNRP4e6SultfLjX52zFVDqJn8lR7HODdYKWGvk%2FqGa%2B6gKn98DlIYJskr2%2FWhM2Ag2ojM0spoBszA6GEuiuHobvOm3jZE3CFDmOEKP9jchFz9TYUyrLYdNG7aaHNJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d8f9c04d9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-mia-kmia1760026-MIA
pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1695131482.510240,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQmnWQAOVyVQXgA4&_test=ZQmnWQAOVyVQXgA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 3792
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=9d8d946a-56f3-11ee-8af4-6e5154bc90cf
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=9d8d946a-56f3-11ee-8af4-6e5154bc90cf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cKnXaoB19daNgzDf0ADjNMJLdKT8SQn%2ByFHZKR7bR%2BRL%2FgEyNcG%2FWDLp9tD0teSUzJElrTxIczv0wGQ7%2BwM57urJDX8Vpe3qlUvsb44mjXDa6CF3JhA3uwRN0geChwR1Cm46viE1KiVsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d904cefd9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=9d8d946a-56f3-11ee-8af4-6e5154bc90cf
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-1
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 3792
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZQmnVqk7MV794SIGn2VaigAA%261655&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D05ckGRvgvHFD5WU5%2F7MnB8QJ9ZiFZrH1g3bqGhMVbbMtI3ob1xxVmyH1pH%2FBcpOdEXj4dAP0%2BuVyT2Ukok0MNfcedXW5G%2Bql6XkmDP5%2Fb5BdH66N53SgVbAEImQZFH2OuwY4F7sDQgdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d90ddc7d9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
date
Tue, 19 Sep 2023 13:51:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
56023
dcm
s.amazon-adsystem.com/ Frame 3792 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQmnVqk7MV794SIGn2VaigAABncAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E36XZTW6V22P1QXFF9GT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3792
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5904f73c-dda8-47cb-bd0e-4b7458357fab&expiration=1726753881
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5904f73c-dda8-47cb-bd0e-4b7458357fab&expiration=1726753881
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oJ%2F2lQWeGNcCK2gmHbkd5xqwHZpZzxyKJG4eu0OmfNZgT2PDPrYCJICn7Nq8Flvzi6SEvDyWJfejBQzjrjT%2Bu9pg47vESGOsPl8S%2B3a8clORsfDkMfVDWw5kc%2B2sUC4S1U4wte8PAWEjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80924d907d31d9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5904f73c-dda8-47cb-bd0e-4b7458357fab&expiration=1726753881
Date
Tue, 19 Sep 2023 13:51:21 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3792 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZQmnVqk7MV794SIGn2VaigAA%261655
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.theguardian.com%2Fus-news%2F2023%2Fsep%2F18%2Fhunter-biden-sues-irs-taxes&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:21 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
61978
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80924d8ed8e421d9-MIA
content-length
43
expires
Wed, 20 Sep 2023 13:51:21 GMT
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2929301841228134313336
0
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2929301841228134313336
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924d8f2f2cb3c1-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2929301841228134313336
date
Tue, 19 Sep 2023 13:51:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=9fd59dba-05e7-0e47-3cf9-69b43d570002
0
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=9fd59dba-05e7-0e47-3cf9-69b43d570002
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924d9058f5b3c1-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:21 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=9fd59dba-05e7-0e47-3cf9-69b43d570002
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=276e7954-d5a6-4722-84d7-5af92c52e11e
0
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=276e7954-d5a6-4722-84d7-5af92c52e11e
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924d925cf8b3c1-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=276e7954-d5a6-4722-84d7-5af92c52e11e
access-control-allow-origin
*
date
Tue, 19 Sep 2023 13:51:21 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie
cm.adform.net/ Frame 11C2 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:22 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=3665747f-ad52-4ec2-90c3-53acd2e2f29c
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=3665747f-ad52-4ec2-90c3-53acd2e2f29c
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924d999ffcb3c1-MIA
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=3665747f-ad52-4ec2-90c3-53acd2e2f29c
Date
Tue, 19 Sep 2023 13:51:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2457807864703770449
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2457807864703770449
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924d9a694ab3c1-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2457807864703770449
date
Tue, 19 Sep 2023 13:51:23 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LMQDINP9-12-6QC4&gdpr=0
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LMQDINP9-12-6QC4&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924d9c4c1eb3c1-MIA
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LMQDINP9-12-6QC4&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 9211 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157206&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4EE9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120357
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 19 Sep 2023 13:51:23 GMT
expires
Wed, 20 Sep 2023 23:17:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 4EE9 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29287945&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7c38ee2124dd62321874a1dcfe34f348d09991ec98e92305940cbd8517d0db19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 19 Sep 2023 13:51:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 2C39
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 13:51:24 GMT
expires
Tue, 19 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
806656
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame CCBD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-nY4QBKbV1VBZ9n4Y1Fx5CaEdko&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-nY4QBKbV1VBZ9n4Y1Fx5CaEdko&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Sep 2023 13:51:24 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-nY4QBKbV1VBZ9n4Y1Fx5CaEdko&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 6C79
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0uGLMbaw1QIB8o5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0uGLMbaw1QIB8o5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 19 Sep 2023 13:51:23 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0uGLMbaw1QIB8o5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-788-gfcd4f77#rel-ec2-master i-060875d9660871e06@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 032F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=5904f73c-dda8-47cb-bd0e-4b7458357fab&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.50.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-50-117.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Tue, 19 Sep 2023 13:51:24 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 19 Sep 2023 13:51:23 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 201E
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777325356003384
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777325356003384
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 19 Sep 2023 13:51:24 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777325356003384
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
setuid
elb.the-ozone-project.com/ Frame F49F 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80924da18c22b3c1-MIA
content-length
0
date
Tue, 19 Sep 2023 13:51:24 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 4EE9 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.113.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-113-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 13:51:24 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
3b138bea-9def-4202-97f8-ceeae96e6ecf
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-0fb773ece8a2921b8
396846.gif
idsync.rlcdn.com/ Frame 4EE9
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f3cd6d13-713f-0bce-080c-29528597a357
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f3cd6d13-713f-0bce-080c-29528597a357
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:24 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 19 Sep 2023 13:51:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f3cd6d13-713f-0bce-080c-29528597a357
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308/gdpr=0/ Frame 4EE9 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308/gdpr=0/gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.19.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-19-153.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.41.211
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 4EE9 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame 4EE9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5d3a4360-c386-4183-80c2-ab45771c25f5&expires=1&user_group=2&ssp=pubmatic&bsw_param=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:22:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3665747f-ad52-4ec2-90c3-53acd2e2f29c&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 19 Sep 2023 13:51:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 4EE9 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.128.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-128-129.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4EE9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4038167191623545769&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4038167191623545769&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4038167191623545769&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 19 Sep 2023 13:51:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sn.ashx
pmp.mxptint.net/ Frame 4EE9
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10940CEF7_4EBD3BC3&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-378136208; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:24 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-378136208; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 19 Sep 2023 13:51:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 4EE9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8032832714304770988
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8032832714304770988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8032832714304770988
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 9211 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52100060&p=157206&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b56213fc4d345b195115f1890e2fdaf122b497be3ba3cd6fff37f31bae7b73a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 19 Sep 2023 13:51:24 GMT
content-length
1997
content-type
text/html; charset=UTF-8
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/3dabdb74146e378e768c/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c369d137cfb49d25e260de6ecfec716b3bee7686cdf73cd8bc9f772089eda931

Request headers

Referer
https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 13:51:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
i.match
s.tribalfusion.com/z/ Frame 54C2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
80924da84f8fb3e5-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
80924da7ae98b3e5-MIA
content-type
text/html
date
Tue, 19 Sep 2023 13:51:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
717
Pug
image2.pubmatic.com/AdServer/ Frame 9D64
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa8db507c5a5c4c0eb726e8ce08e02c85
42 B
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa8db507c5a5c4c0eb726e8ce08e02c85
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa8db507c5a5c4c0eb726e8ce08e02c85
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame BF34
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
42 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 19 Sep 2023 13:51:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 313F
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=829426950637
42 B
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=829426950637
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=829426950637
Pug
simage2.pubmatic.com/AdServer/ Frame A43F
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
79 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 19 Sep 2023 13:51:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 2EDE
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uy90B5zCAEWTTGqJXacJZQ
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uy90B5zCAEWTTGqJXacJZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:25 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uy90B5zCAEWTTGqJXacJZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 1BD7
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1695131485046
  • https://ad.turn.com/r/cs?pid=45&rndcb=4489564387
  • https://sync.1rx.io/usersync/turn/4038167191623545769?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 19 Sep 2023 13:51:25 GMT
ETag
RX5b5a30d267e143278890a6d68fa6eafa005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
cm
ipac.ctnsnet.com/int/ Frame 1728 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 19 Sep 2023 13:51:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame 3D8C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 19 Sep 2023 13:51:25 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
/
bpi.rtactivate.com/tag/ Frame 9211 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.131.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-131-144.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:25 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
sync
pippio.com/api/ Frame 9211
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&_li_chk=true&previous_uuid=c3c9e8bac5d54e859aaa06c8be9dd1bf
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c3c9e8ba-c5d5-4e85-9aaa-06c8be9dd1bf
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b88c4f4f-d1e2-4342-804f-677cb69ca377%3A1695131486.1698945&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Db88c4f4f-d1e2-4342...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1783777325356003384&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Db88c4f...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=b88c4f4f-d1e2-4342-804f-677cb69ca377%3A1695131486.1698945&pid=500040&it=1&iv=b88c4f4f-d1e2-4342-804f-677cb69ca377%3A1695131486.1698945&_=169...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1695131486.174504&iv=b88c4f4f-d1e2-4342-804f-677cb69ca377:1695131486.1698945
42 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1695131486.174504&iv=b88c4f4f-d1e2-4342-804f-677cb69ca377:1695131486.1698945
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:30 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1695131486.174504&iv=b88c4f4f-d1e2-4342-804f-677cb69ca377:1695131486.1698945
Date
Tue, 19 Sep 2023 13:51:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
qmap
sync.crwdcntrl.net/ Frame 9211 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.186.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-186-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.43.205
content-length
49
expires
0
/
io.narrative.io/ Frame 9211
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
  • https://io.narrative.io/?io.narrative.guid.v2=9fc71491-56f3-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=9fc71491-56f3-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
HTTP/1.1
Server
52.44.127.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-127-59.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 13:51:25 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=9fc71491-56f3-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Date
Tue, 19 Sep 2023 13:51:25 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9211
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6004480877952621289
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6004480877952621289
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:25 GMT
an-x-request-uuid
1ca19832-9737-4f3b-bf5d-67e53776a8b3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6004480877952621289
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
hbx.media.net/ Frame 11C2 		53 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 19 Sep 2023 13:51:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 19 Sep 2023 13:51:26 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4EE9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:17:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_p...
  • https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3RY4877dd47k2vCTamAM&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3RY4877dd47k2vCTamAM&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924dae5918b3c1-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:26 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3RY4877dd47k2vCTamAM&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=82b67018-7d76-4fb5-9b12-469927ce73b2
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=82b67018-7d76-4fb5-9b12-469927ce73b2
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924daf1a1ab3c1-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=82b67018-7d76-4fb5-9b12-469927ce73b2
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
215
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZQmnVqk7MV794SIGn2VaigAA%261655
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZQmnVqk7MV794SIGn2VaigAA%261655
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924db04bedb3c1-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWpwDb4m5Z10wa%2B7u1u7WkIJJXmQurZ%2BH3c2%2BGKQYXcbXPconHaRkEQhrVOEGS1YEL9ZDkrLsARwc9V3nk1wHuZvjovUD7kiEVehJ8Y5aBdkqZazpXTt8%2BptGARgQDksklv3w7p0"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZQmnVqk7MV794SIGn2VaigAA%261655
cache-control
no-cache
cf-ray
80924dafdc4dd9e1-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4EE9 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47937726&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3c523771deaa37f6917ba6c9b53d9b144bebf8c7bd91980e5a31f2562b3a5d39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 19 Sep 2023 13:51:26 GMT
content-length
1310
content-type
text/html; charset=UTF-8
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?uid=AABSyE7KE08AABXBedE9gw&bidder=beeswax
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?uid=AABSyE7KE08AABXBedE9gw&bidder=beeswax
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924db11ce4b3c1-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?uid=AABSyE7KE08AABXBedE9gw&bidder=beeswax
Date
Tue, 19 Sep 2023 13:51:26 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cookiesync
core.iprom.net/ Frame D574 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 19 Sep 2023 13:51:27 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-25fd084e869b@version_1.571v2
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame FA5B
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7484178861028887040&uid=Q748417886102888...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7484178861028887040
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7484178861028887040
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=20366
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Tue, 19 Sep 2023 13:51:27 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7484178861028887040
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 5944
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E69D8D1ECFEA418DA3FD1181D44F5557&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E69D8D1ECFEA418DA3FD1181D44F5557&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 13:51:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 19 Sep 2023 13:51:26 GMT
expires
Mon, 18 Sep 2023 13:51:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E69D8D1ECFEA418DA3FD1181D44F5557&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
elb.the-ozone-project.com/ Frame 3EBA 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80924db11cd8b3c1-MIA
content-length
0
date
Tue, 19 Sep 2023 13:51:26 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
p
a.audrte.com/ Frame 4EE9
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjZicEZsM244Zi1USk9ycWxqaDkwbDh6Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8032832714304770988&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
HTTP/1.1
Server
35.172.171.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-171-236.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 13:51:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 19 Sep 2023 13:51:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame 4EE9 		43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-48.yul62.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:27 GMT
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
YUL62-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
7vY3xolXWrG8S7HMwhGTBkzbkL-FB-7NY7HQro7raR0rb-fo3MMZJg==
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 4EE9
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:27 GMT
Frontend-ID
3
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 19 Sep 2023 13:51:27 GMT
Frontend-ID
15
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame 4EE9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=82b67018-7d76-4fb5-9b12-469927ce73b2&icm&gdpr=0&gdpr_consent=&cver
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=b60ac3d16118f52c
  • https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=b60ac3d16118f52c
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=82b67018-7d76-4fb5-9b12-469927ce73b2&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=82b67018-7d76-4fb5-9b12-469927ce73b2&bid=1e2n4ou
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
HTTP/1.1
Server
3.232.64.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-64-79.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 19 Sep 2023 13:51:28 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=82b67018-7d76-4fb5-9b12-469927ce73b2&bid=1e2n4ou
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
191
Pug
simage2.pubmatic.com/AdServer/ Frame 4EE9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cbb7322a-159c-4c6e-9497-16d6392ff5be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cbb7322a-159c-4c6e-9497-16d6392ff5be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 19 Sep 2023 13:51:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cbb7322a-159c-4c6e-9497-16d6392ff5be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 19 Sep 2023 13:51:27 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6004480877952621289
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6004480877952621289
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924db1fe6eb3c1-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:26 GMT
an-x-request-uuid
19038001-4472-474e-8f41-6222a73a2fb5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6004480877952621289
x-proxy-origin
38.132.118.74; 38.132.118.74; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9211 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157206&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%...
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=1bd1cf5340102130&is_secure=true&version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-...
  • https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAHSY492sOpRgNZc3KLAAAAAAA&expiration=1695217887
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAHSY492sOpRgNZc3KLAAAAAAA&expiration=1695217887
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924db3382db3c1-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAHSY492sOpRgNZc3KLAAAAAAA&expiration=1695217887
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%2...
  • https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=22e825ee-ba28-c07c-b42d-774b88e93070&us_privacy=pbs-ozone
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=22e825ee-ba28-c07c-b42d-774b88e93070&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924db439c3b3c1-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:27 GMT
content-encoding
gzip
x-accel-expires
0
vary
Origin
content-type
text/html; charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=kargo&uid=22e825ee-ba28-c07c-b42d-774b88e93070&us_privacy=pbs-ozone
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
153
expires
Thu, 01 Jan 1970 00:00:00 UTC
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%...
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=c0362520-7da2-4ac9-84d5-fbbc3f29d884&gdpr=0
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=c0362520-7da2-4ac9-84d5-fbbc3f29d884&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924db61c6cb3c1-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=c0362520-7da2-4ac9-84d5-fbbc3f29d884&gdpr=0
date
Tue, 19 Sep 2023 13:51:27 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-V.Jf8TtE2uEqSIhIBpf2SCTHUywwESxXwePyato-~A&gdpr=0
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-V.Jf8TtE2uEqSIhIBpf2SCTHUywwESxXwePyato-~A&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924db6edacb3c1-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-V.Jf8TtE2uEqSIhIBpf2SCTHUywwESxXwePyato-~A&gdpr=0
date
Tue, 19 Sep 2023 13:51:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=4b8c12c3-2316-455e-b2fe-e349d5a4d07b
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=4b8c12c3-2316-455e-b2fe-e349d5a4d07b
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924db979ffb3c1-MIA
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=4b8c12c3-2316-455e-b2fe-e349d5a4d07b
Date
Tue, 19 Sep 2023 13:51:28 GMT
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
Content-Length
151
Content-Type
text/html; charset=utf-8
setuid
elb.the-ozone-project.com/ Frame 11C2
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=HWPfiRZHLE13_QiPRl2H0AHU
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=HWPfiRZHLE13_QiPRl2H0AHU
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 13:51:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
80924dbafbb4b3c1-MIA
content-length
0
expires
0

Redirect headers

Date
Tue, 19 Sep 2023 13:51:28 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=HWPfiRZHLE13_QiPRl2H0AHU
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
rum
elb.the-ozone-project.com/cdn-cgi/ Frame 11C2 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&pubcid=c9683a08-5707-41e0-87fa-5c408f687975&publisherId=OZONEGMG0001&siteId=4204204209&cb=1695131478133&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type
application/json

Response headers

date
Tue, 19 Sep 2023 13:51:28 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://elb.the-ozone-project.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
80924dbb6cadb3c1-MIA
SPug
simage4.pubmatic.com/AdServer/ Frame 4EE9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 13:51:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ASN4OZWLYH6qfn68Hrab&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQmnVqk7MV794SIGn2VaigAA%261655&tc=1
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/pixel?tag=wt_N29EZ2lUc3E4OFVTNHJyQkcwX054cGFma3JnLzI0MTE1ODMyNzozMDB4MjUw&v=5&s=v31hamrbc2b&id=eyJkZnAiOnsiYWQiOjIzMTI4NzY3LCJjIjpudWxsLCJsIjowLCJvIjoyNDExNTgzMjcsIkEiOiIvNTk2NjYwNDcvdGhlZ3VhcmRpYW4uY29tL3VzLW5ld3MvYXJ0aWNsZS9uZyIsInkiOjEyMzEwMCwiY28iOjAsInMiOiJkZnAtYWQtLXJpZ2h0In19&cb=5295595&h=www.theguardian.com&d=eyJ3aCI6Ik4yOUVaMmxVYzNFNE9GVlROSEp5UWtjd1gwNTRjR0ZtYTNKbkx6STBNVEUxT0RNeU56b3pNREI0TWpVdyIsIndkIjp7Im8iOjI0MTE1ODMyNywidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjJ9
Domain
lit.connatix.com
URL
https://lit.connatix.com/08d7f5c8-0e77-43a0-8f82-a0e3b21a8414/blockedDomains_1.bin
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Domain
de.tynt.com
URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d37%26UserId%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26DemandPartnerName%3d_33Across%26tier%3d1%26DemandPartnerUserId%3d33XUSERID33X&gdpr=0
Domain
xsync.iqzone.com
URL
http://xsync.iqzone.com/psync?t=s&e=376&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d42%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dIqZone%26api-tier%3d1%26uid%3D%25USER_ID%25&gdpr=0
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d31%26UserId%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26DemandPartnerName%3dMediaNet%26tier%3d1%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=OGIyMmYwYmQ4ZjI0NDVmNTg2ZTliZGI3YjcyMmJjNWM&extra1=8b22f0bd8f2445f586e9bdb7b722bc5c&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=theguardian.com&sn=ChromeSyncframe&so=0&topUrl=www.theguardian.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Domain
static.adsafeprotected.com
URL
https://static.adsafeprotected.com/sca.17.6.2.js
Domain
capi.connatix.com
URL
https://capi.connatix.com/tr/ucl?v=338732
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=8b22f0bd8f2445f586e9bdb7b722bc5c
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-e1539617-5658-4d5f-b352-91258ead02d1/7da8465f-98c8-4d61-a3c1-ea0f07ad94b6/708b86ee-7dab-4dac-ab1f-8b445f8a708c.bin
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszXHAteCaa8dZUjjxKhgazD8zouZhs1qlhkadmRloCXI4RX1Dff3B1uFZa2O-RVH0Lh5KwGBRDr2ZYG-bSwYwmS_d-ZEljf9JiRqoAKcfeiIfcx-68vjgBqNIy3x0jeKdsl1KK4_LTPmhTDOikl1grybWTXneKf84VIAQ7j-aNQYpjiqSiPMwVRyLr7uB0mWDKDcx9DjmeSDejmgO17377ZTY-yobVuy7YgpkD1SQ5U4flQtCAybMLcmu0VyGgj3v4vmU4d3uoUPlvsGoCFdAoJ2D3OhSAalk0KY4LH9AEQ2FabCCvcPRO-pVxHG4LhkvBjAzn36svmcYy7L0s5dyiBLnbU2Hbs5IBycMqZPxutns&sai=AMfl-YSE0TZOdpXic_kq2WSjnqBbreWMqu9KZYXEe6r7PyPlOAGYWa_H6FAjjPhn-vgF9IbB4ooY4iONYVSQCTjoyYkLDwEMiFPM8LXFmYiO-PwrC8jXod1tEsY4KbVpaA&sig=Cg0ArKJSzOEu4PwtpjDSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D
Domain
cks.connatix.com
URL
https://cks.connatix.com/cks?pid=24&ev=8b22f0bd8f2445f586e9bdb7b722bc5c&pname=IronSource&api-tier=1&uid=orX7NGTzkp_s&direct=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssF1SOP23Ss0IIZRZKjO_HuTHedwUIzcUhaYEPXUWLKwVGmxun_xLm8FB6l9yDAeEIlIBIYU-x8IlRsWmJhNnp8Zm9QkJ5QLz5ti4i0AzlaF0o9d9AiXTbz-WTKoNGJ&sig=Cg0ArKJSzGaLqoyvq8VmEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=2261041439&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1695131479020&rpt=1446&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7FTaL06LBxVX1ress6JmG8-UmMc34n9LkefUtINUUeY9IPyWh6VnhbCgWt7DYhNPQ2hriE9SNFLOJhqf6vfeL_S98x6MDF_iNAzrThlBQYSU60cm6YQ7qO5DU5bf8&sig=Cg0ArKJSzNo_8M1NdHQpEAE&id=lidartos&mcvt=0&p=1533,411,1533,411&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1077821159&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1695131478721&rpt=593&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iex?gPath=Gum.ChromeSyncframe.SidReadError&msg=Failed%20to%20fetch&tag=Gum&tag=ChromeSyncframe&tag=SidReadError
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/plugins/connatix.omsdk.service-web.js
Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| guardian function| guardianPolyfilled object| curlConfig object| curl object| webpackChunk_guardian_dotcom_rendering object| guCmpHotFix function| guardianPolyfilledImport function| __uspapi object| _sp_queue object| _sp_ object| webpackChunk_guardian_commercial object| fastdom object| _sp_wp_jsonp object| __SENTRY__ object| googletag object| permutive object| apstag object| _comscore object| teads_analytics function| twq object| brandmetrics function| __assign object| _brandmetrics object| confiant object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| __spreadArray object| __sentry_instrumentation_handlers__ object| apntag function| ga object| gaplugins string| GoogleAnalyticsObject object| gaGlobal object| gaData object| pbjs object| COMSCORE object| ns_p object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_js_reporting_queue boolean| creativeVendorLibraryLoaded object| regeneratorRuntime object| twttr object| __permutive object| pbjsChunk object| _pbjsGlobals undefined| google_measure_js_timing object| __iasPET object| diagPixSentCodes object| __iasAdRefreshConfig number| google_unique_id object| GoogleGcLKhOms object| Criteo function| confiantDfpWrap object| cnx_usr_storage object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_141 object| Criteo_prebid_141 object| lotame_sync_17331 function| cnxProxyTask object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| lotameIsCompatible function| sync17331_aa function| sync17331_c undefined| sync17331_d undefined| sync17331_ba undefined| sync17331_e function| sync17331_f object| sync17331_h function| sync17331_ca function| sync17331_j function| sync17331_da object| sync17331_ object| sync17331_ga object| sync17331_v object| sync17331_oa object| sync17331_xa object| sync17331_ya function| sync17331_a function| sync17331_b function| sync17331_g function| sync17331_i function| sync17331_k function| sync17331_l function| sync17331_m function| sync17331_n function| sync17331_o function| sync17331_p function| sync17331_q function| sync17331_r function| sync17331_fa function| sync17331_ea function| sync17331_s function| sync17331_t function| sync17331_u function| sync17331_w function| sync17331_ha function| sync17331_ia function| sync17331_y function| sync17331_ja function| sync17331_z function| sync17331_A function| sync17331_x function| sync17331_B function| sync17331_ka function| sync17331_C function| sync17331_D function| sync17331_E function| sync17331_F function| sync17331_G function| sync17331_H function| sync17331_I function| sync17331_J function| sync17331_K function| sync17331_L function| sync17331_la function| sync17331_ma function| sync17331_na function| sync17331_M function| sync17331_N function| sync17331_pa function| sync17331_O function| sync17331_qa function| sync17331_ra function| sync17331_sa function| sync17331_P function| sync17331_ta function| sync17331_ua function| sync17331_va function| sync17331_wa function| sync17331_Q function| sync17331_R function| sync17331_za function| sync17331_S function| sync17331_T function| sync17331_U function| sync17331_V function| sync17331_Aa function| sync17331_W function| sync17331_X function| sync17331_Y function| sync17331_Z function| sync17331__ function| sync17331_0 function| sync17331_Ea function| sync17331_Ba function| sync17331_1 function| sync17331_Da function| sync17331_Ca function| sync17331_2 function| sync17331_3 function| sync17331_4 function| sync17331_5 function| sync17331_Ga function| sync17331_Ha function| sync17331_Ja function| sync17331_Fa function| sync17331_7 function| sync17331_Ia function| sync17331_La function| sync17331_Ka function| sync17331_8 function| sync17331_6 function| sync17331_9 function| sync17331_Ma function| sync17331_Na function| sync17331_Oa function| sync17331_Pa function| sync17331_$ function| sync17331_Qa function| sync17331_Ra function| sync17331_Sa function| sync17331_Ta function| cnxAddEventListener

275 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQg-nW7aoxCgoI4gEQg-nW7aoxCgoItAIQg-nW7aoxCgoI5gEQg-nW7aoxCgoIhwIQg-nW7aoxCgoItwIQg-nW7aoxCgkIOhCD6dbtqjEKCgiMAhCD6dbtqjEKCQhfEIPp1u2qMQoJCB8Qg-nW7aox
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARCHFg
.theguardian.com/ Name: GU_mvt_id
Value: 538888
www.theguardian.com/ Name: GU_geo_country
Value: US
.theguardian.com/ Name: bwid
Value: idFromPV_0g_VorszqIGCrLhPyb1Rjg
.theguardian.com/ Name: bwid_withoutSameSiteForIncompatibleClients
Value: idFromPV_0g_VorszqIGCrLhPyb1Rjg
.theguardian.com/ Name: dnsDisplayed
Value: undefined
.theguardian.com/ Name: ccpaApplies
Value: true
.theguardian.com/ Name: signedLspa
Value: undefined
.theguardian.com/ Name: ccpaUUID
Value: 698ae3bc-d3c1-4094-95ae-41c74040cc7b
.theguardian.com/ Name: _ga
Value: GA1.2.139186784.1695131476
.theguardian.com/ Name: _gid
Value: GA1.2.5024377.1695131476
.theguardian.com/ Name: _gat_allEditorialPropertyTracker
Value: 1
.theguardian.com/ Name: permutive-id
Value: af45e442-63d3-4751-bb6d-7347e87f59a0
.scorecardresearch.com/ Name: UID
Value: 1D6d39fcbce12d808f486511695131476
.t.co/ Name: muc_ads
Value: 9b1fa8cd-9b2a-4024-8d25-75355f1f73c5
.twitter.com/ Name: personalization_id
Value: "v1_aGV3e0XT98OSYH7XBIK4UA=="
.d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/ Name: pxid
Value: d3ff03a0-8f8f-49f5-ba91-7f3bd61f20a1
.doubleclick.net/ Name: IDE
Value: AHWqTUn4uPqZoMlc1i-SIGsNlVN0NXYZ5Had9bA83RcEeM7ZUpcyUrShFMCEGgCdJQ8
.theguardian.com/ Name: __gads
Value: ID=3b7857fa2335d5ac:T=1695131477:RT=1695131477:S=ALNI_Mbe1sIARf-DNoRw8-GqbkxYXHa85A
.theguardian.com/ Name: __gpi
Value: UID=00000d93d68ff1a9:T=1695131477:RT=1695131477:S=ALNI_MaA0v6LYSwwtWD2mADBzIoKCxW3AA
.omnitagjs.com/ Name: ayl_visitor
Value: 99de06ce2b03230bb8bd5498aaf143f5
.the-ozone-project.com/ Name: __cf_bm
Value: KZTcVrly0PmNqG_NVVNK1q4acjZPvFLBHhwoRH3hpjY-1695131478-0-AaBm2bp8dVyJyTxhkOR6S0QTt9AoChTL/wyvztad8TTrg3sQDhyPYXmLHrjLJ5idtFtdiqhLxKhbcW5dGXXl09k=
.go.sonobi.com/ Name: __uis
Value: 4c45ded7-0750-4102-8166-76edcf238ee4
.go.sonobi.com/ Name: _usd_theguardian.com
Value: lmqdieuj73kwojnmctlp
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 22596677
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 22596677
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 22596677
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 22596677
.go.sonobi.com/ Name: __uin_th
Value: 1
.go.sonobi.com/ Name: __uir_th
Value: 22596677
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 22596677
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 22596677
.amazon-adsystem.com/ Name: ad-id
Value: A7ovf-U3f08RuuDpM0qx1aA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 6004480877952621289
.casalemedia.com/ Name: CMID
Value: ZQmnVqk7MV794SIGn2VaigAA
.casalemedia.com/ Name: CMPS
Value: 1655
.casalemedia.com/ Name: CMPRO
Value: 1655
.openx.net/ Name: i
Value: 75a72d2c-15ff-0259-0da3-6149d82bf172|1695131478
.openx.net/ Name: pd
Value: v2|1695131478|vMgavPkWgy
.smartadserver.com/ Name: pid
Value: 2457807864703770449
.adsrvr.org/ Name: TDID
Value: 82b67018-7d76-4fb5-9b12-469927ce73b2
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fa763840-129b-5755-4167-d9f8635171e4.1rSTWvwbchsCHMlq%2Fk0uy7QgUrnEG%2FksGw502WBgfW4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fa763840-129b-5755-4167-d9f8635171e4.1rSTWvwbchsCHMlq%2Fk0uy7QgUrnEG%2FksGw502WBgfW4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-nY4QBKbV1VBZ9n4Y1Fx5CaEdko.NV6RPStgjAWguHPsPPEsJ5J%2F22yVERreAURnd0qkJAQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-nY4QBKbV1VBZ9n4Y1Fx5CaEdko.NV6RPStgjAWguHPsPPEsJ5J%2F22yVERreAURnd0qkJAQ
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBLFZSEcuVvcYKPRA2LvKzVHZqLmtKLx9YrejUtnrt_9EHwYBCDWzqaoBjABOgSEo62DQgRCxxi_.j3dIzlahIVaJbuT6pZTWfOB7kPFViI14Cz0aVCou30s
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBLFZSEcuVvcYKPRA2LvKzVHZqLmtKLx9YrejUtnrt_9EHwYBCDWzqaoBjABOgSEo62DQgRCxxi_.j3dIzlahIVaJbuT6pZTWfOB7kPFViI14Cz0aVCou30s
.3lift.com/ Name: tluid
Value: 2929301841228134313336
.yahoo.com/ Name: A3
Value: d=AQABBFanCWUCEJ0d-RUwp_2rUcOM7ccBWzUFEgEBAQH4CmUTZdxH0iMA_eMAAA&S=AQAAAuTOLfObTYzzjN4Ir4OROcE
.openx.net/ Name: univ_id
Value: 537072971|82b67018-7d76-4fb5-9b12-469927ce73b2|1695131479168259
.turn.com/ Name: uid
Value: 4038167191623545769
.mfadsrvr.com/ Name: tuuid
Value: 43ff3c35-f210-472d-8f57-4774d043c806
.mfadsrvr.com/ Name: c
Value: 1695131479
.mfadsrvr.com/ Name: tuuid_lu
Value: 1695131479
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
.bidswitch.net/ Name: tuuid
Value: 3665747f-ad52-4ec2-90c3-53acd2e2f29c
.bidswitch.net/ Name: c
Value: 1695131479
.bidswitch.net/ Name: tuuid_lu
Value: 1695131479
.connatix.com/ Name: cnx_userId
Value: 8b22f0bd8f2445f586e9bdb7b722bc5c
.tapad.com/ Name: TapAd_TS
Value: 1695131479470
.tapad.com/ Name: TapAd_DID
Value: e1bcbec7-523a-459a-8da1-fcef22f02ef7
.creativecdn.com/ Name: u
Value: ASN4OZWLYH6qfn68Hrab
.creativecdn.com/ Name: ts
Value: 1695131479
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-82b67018-7d76-4fb5-9b12-469927ce73b2&KRTB&22918-82b67018-7d76-4fb5-9b12-469927ce73b2&KRTB&23031-82b67018-7d76-4fb5-9b12-469927ce73b2
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELGyL1iZ6bakWsWyVe_4kpY&KRTB&23025-CAESELGyL1iZ6bakWsWyVe_4kpY&KRTB&23386-CAESELGyL1iZ6bakWsWyVe_4kpY
.criteo.com/ Name: uid
Value: 2101faaa-8bdf-4080-a6a1-d4b63334a6a2
.go.sonobi.com/ Name: __uin_bw
Value: 3665747f-ad52-4ec2-90c3-53acd2e2f29c
.simpli.fi/ Name: suid
Value: E69D8D1ECFEA418DA3FD1181D44F5557
www.theguardian.com/ Name: cnx_userId
Value: 8b22f0bd8f2445f586e9bdb7b722bc5c
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:E69D8D1ECFEA418DA3FD1181D44F5557&KRTB&23486-uid:E69D8D1ECFEA418DA3FD1181D44F5557&KRTB&23489-uid:E69D8D1ECFEA418DA3FD1181D44F5557
.yellowblue.io/ Name: wrvUserID
Value: orX7NGTzkp_s
.contextweb.com/ Name: V
Value: mHb9MxhElbck
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: bee4ab0507c80163
.33across.com/ Name: 33x_ps
Value: u%3D212277785221535%3As1%3D1695131480342%3Ats%3D1695131480342
.tremorhub.com/ Name: tvid
Value: 25e0218b837a4d609b8243d7572ecd43
.tremorhub.com/ Name: tv_UISCX
Value: 8b22f0bd8f2445f586e9bdb7b722bc5c
.yieldmo.com/ Name: yieldmo_id
Value: 3RY4877dd47k2vCTamAM%7C1695081600000%7C0
.bidr.io/ Name: bito
Value: AABSyE7KE08AABXBedE9gw
.bidr.io/ Name: bitoIsSecure
Value: ok
.csync.loopme.me/ Name: viewer_token
Value: e3ec73e8-177a-454e-9747-183cb0ae5a93
.sitescout.com/ Name: ssi
Value: 557c3362-f00e-42e7-ba48-55b2a7abbc03#1695131480663
.colossusssp.com/ Name: gtm_usr
Value: 4ff280b4-ccca-4802-984b-a28963753e9a
.colossusssp.com/ Name: lmg_r
Value: 74
.sundaysky.com/ Name: sskyu
Value: d6.0c41150b2c8b46f2b8f09b92b071c3d9
.sundaysky.com/ Name: sskyCreationTime
Value: 1695131480766
.sundaysky.com/ Name: sskya
Value: "e2N4Ont0czoiNDB6bDVrIix0OiJuaSJ9fQ=="
.resetdigital.co/ Name: ckbk
Value: 000001111AEF1D75
.taboola.com/ Name: t_gid
Value: c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
.taboola.com/ Name: t_pt_gid
Value: c4eed67c-9468-4f17-bf02-a46becea24a3-tuctc032cd8
.ipredictive.com/ Name: cu
Value: 2614e276-f9cb-4563-921d-53cf34d28197|1695131480939
.mfadsrvr.com/ Name: ssh
Value: !sonobi,1695131481!bidswitch,1695131479
.bing.com/ Name: MUID
Value: 30E1C614D08564BA1FCBD585D1156557
.c.bing.com/ Name: MR
Value: 0
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 4a06d7bfe4eb28bf329bba90c44d7e04
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEk0MEsxT0pLNUlNMrJISjM2skxKSrQ0SDYxSTFPNTBhAIJUzuWRIBoKAGbRCto%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI5VweCaSgAAARtAFv"
.the-ozone-project.com/ Name: ozone_uid
Value: 2VcNbhQQyzlsU5X3mdxWC78zrPy
.linkedin.com/ Name: li_sugr
Value: a95c39fe-9367-48b9-a703-e61f0cf8f33d
.linkedin.com/ Name: bcookie
Value: "v=2&ac75c053-e711-4365-879c-4456d66c08b8"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2987:u=1:x=1:i=1695131481:t=1695217881:v=2:sig=AQEbE4YDPD4lPkfhslPA_k-O-PQfUgar"
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NTEzMTQ4MTQxMSwiMzkiOjE2OTUxMzE0ODA3MTcsIjciOjE2OTUxMzE0ODA3MTd9
.thrtle.com/ Name: mc
Value: eyJpZCI6ImIxMThhNWYwLWM0M2YtNGQ3My1iZWUwLTM3NmJiNDkwZTI0YiIsImwiOjE2OTUxMzE0ODE0MTAsInQiOjJ9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6301-2!6301
.bluekai.com/ Name: bku
Value: rlQ99aZ7YVV0Gg1C
.bluekai.com/ Name: bkpa
Value: KJy91ye1d02pSUHknp1ymE9lwtkAwEHMBePAjVxlnE9lBE9+BeWy1i6T1ERtnEztjVHMjM/pmsPkB919jMxBKQ==
.demdex.net/ Name: demdex
Value: 06912940770137393514222401346980650077
.go.sonobi.com/ Name: __uir_rh
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_rh
Value: ASN4OZWLYH6qfn68Hrab
.go.sonobi.com/ Name: HAPLB8G
Value: s8634|ZQmnX
.go.sonobi.com/ Name: __uir_tl
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_tl
Value: 2929301841228134313336
.go.sonobi.com/ Name: __uir_eb
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_eb
Value: CAESECdODFpmou7qCajxtPKc_5Q||1
.go.sonobi.com/ Name: __uir_an
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_an
Value: 6004480877952621289
.go.sonobi.com/ Name: __uir_yh
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_yh
Value: y-V.Jf8TtE2uEqSIhIBpf2SCTHUywwESxXwePyato-~A
.go.sonobi.com/ Name: __uir_ox
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_ox
Value: 0d26ae77-6dac-0aa1-2c4d-a0879e3a83ca
.go.sonobi.com/ Name: __uir_td
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_td
Value: 82b67018-7d76-4fb5-9b12-469927ce73b2
.go.sonobi.com/ Name: __uir_pp
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_pp
Value: mHb9MxhElbck
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-2614e276-f9cb-4563-921d-53cf34d28197&KRTB&23011-2614e276-f9cb-4563-921d-53cf34d28197&KRTB&23355-2614e276-f9cb-4563-921d-53cf34d28197
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553&KRTB&23418-557c3362-f00e-42e7-ba48-55b2a7abbc03-6509a758-5553
.kargo.com/ Name: ktcid
Value: 5106853c-5fc4-073d-5d7f-aa1ac5d2b9fa
.deepintent.com/ Name: CDIUSER
Value: di_9ae570fcb4144021a821d
.quantserve.com/ Name: d
Value: EJcBCwH-KfijAA
.quantserve.com/ Name: mc
Value: 6509a759-80a36-0247f-9dcb7
.dpm.demdex.net/ Name: dpm
Value: 06912940770137393514222401346980650077
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6004480877952621289&KRTB&23339-6004480877952621289
.adgrx.com/ Name: ADGRX_UID
Value: 9d8d946a-56f3-11ee-8af4-6e5154bc90cf
.bfmio.com/ Name: __187_cid
Value: 7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
.bfmio.com/ Name: __io_cid
Value: d5574d447222e67913726c91f17d97f426bce3cb
x.videobyte.com/ Name: vbxuid
Value: 9a8c4d0b-1fd3-48ce-9f2c-60465c51989a
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-wzGnbpQzom7YPKc2xjK6Z8cwoDHYPfM0lzO9c0S3&KRTB&19420-wzGnbpQzom7YPKc2xjK6Z8cwoDHYPfM0lzO9c0S3&KRTB&22979-wzGnbpQzom7YPKc2xjK6Z8cwoDHYPfM0lzO9c0S3&KRTB&23403-wzGnbpQzom7YPKc2xjK6Z8cwoDHYPfM0lzO9c0S3
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 5904f73c-dda8-47cb-bd0e-4b7458357fab
.adkernel.com/ Name: SSPZ
Value: 183045
.adkernel.com/ Name: DSP2F_71
Value: 343983
.adkernel.com/ Name: ADKUID
Value: A7302401164112776707
.serverbid.com/ Name: CONSUMABLEID
Value: 632c33308fa04443ac33308fa04443b8
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-9d8d946a-56f3-11ee-8af4-6e5154bc90cf&KRTB&23275-9d8d946a-56f3-11ee-8af4-6e5154bc90cf
.smartadserver.com/ Name: csync
Value: 127:AABSyE7KE08AABXBedE9gw
.intentiq.com/ Name: intentIQCDate
Value: 1695131481702
.intentiq.com/ Name: IQver
Value: 1.9
.theguardian.com/ Name: _cc_id
Value: 4a06d7bfe4eb28bf329bba90c44d7e04
.theguardian.com/ Name: panoramaId_expiry
Value: 1695217881656
.creative-serving.com/ Name: tuuid
Value: b3ad9a4a-198f-43ce-928b-fa9b4088c476
.creative-serving.com/ Name: c
Value: 1695131481
.creative-serving.com/ Name: tuuid_lu
Value: 1695131481
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAALymlFxLFK9QNDixQQAAAAAAA&KRTB&22713-AAALymlFxLFK9QNDixQQAAAAAAA&KRTB&22715-AAALymlFxLFK9QNDixQQAAAAAAA&KRTB&23519-AAALymlFxLFK9QNDixQQAAAAAAA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1my8|4is.0.CAESEP5AvkdEmAv9qPt7ayYDEN0|7Xz.0.1|7LJ.0.4c45ded7-0750-4102-8166-76edcf238ee4|7dN.0.AABSyE7KE08AABXBedE9gw
.360yield.com/ Name: tuuid
Value: 276e7954-d5a6-4722-84d7-5af92c52e11e
.360yield.com/ Name: tuuid_lu
Value: 1695131481
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2MjU2NTMwMDa2MBHiM9SNcHFzL0jPjU8MDzEGAKCrwbMlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2MjU2NTMwMDa2MBHiM9SNcHFzL0jPjU8MDzEGAKCrwbMlAAAA
.go.sonobi.com/ Name: __uir_bw
Value: 97051997325806665
.go.sonobi.com/ Name: __uir_vb
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_vb
Value: 9a8c4d0b-1fd3-48ce-9f2c-60465c51989a
.go.sonobi.com/ Name: __uir_co
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_co
Value: 50e9ac084d244783a9ac084d24c78341
.go.sonobi.com/ Name: __uir_zt
Value: 97052005915741257
.go.sonobi.com/ Name: __uin_zt
Value: 1783777325356003384
.technoratimedia.com/ Name: tads_uidp_37
Value: 2a303cc1-570d-3361-9dcc-d56d5662fe4c
.technoratimedia.com/ Name: tads_uidp_44
Value: LMQ09E6P-1E-JSKJ
.technoratimedia.com/ Name: tads_uidp_46
Value: 8767038045169439063
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAB2fUqqnToRgM2PBpeAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 65241aeb-60aa-4c47-a945-cce1a5057e43
.technoratimedia.com/ Name: tads_uidp_61
Value: 212277637744163
.technoratimedia.com/ Name: tads_uidp_62
Value: 3381108171523986000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: Q7Qf1rrgkUOBXOxe0kxq7qCweWqzgSRU
.technoratimedia.com/ Name: tads_uidp_73
Value: AABSyE7KE08AABXBedE9gw
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-2db287d3-b197-47df-a5a5-44f4cc64ea37-005
.technoratimedia.com/ Name: tads_uidp_79
Value: 15659ccb-ba29-4a4b-b29a-804129a128b2
.technoratimedia.com/ Name: tads_uidp_80
Value: y-EWkv_6tE2uHEFYkMcRITJcvvV9erdSa0~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZQlOPtt6YBQNI36pyWCQ0AAA&2935
.technoratimedia.com/ Name: tads_uidp_88
Value: 4309994762400810560171
.technoratimedia.com/ Name: tads_uid
Value: FD8F9E688085478995032E5336D5DACF
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230919073113+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.id5-sync.com/ Name: id5
Value: 3067051e-d749-7ed0-af3c-299c4ec027b8#1695131481921#2
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABSyE7KE08AABXBedE9gw
.rubiconproject.com/ Name: khaos
Value: LMQDINP9-12-6QC4
.rubiconproject.com/ Name: audit
Value: 1|/uk7ymWj3lp57DnwkaanvdaBl3DKPUNffeTcKNSjFFmbz16xSA9sXVJMKHVDPMy+2Vp4G7oMFVNCqQ3+tQhlLHMDvubSxZCGXj6Gz0cmwXGF4Gdf5An4a3CIA43RpoQF2VjNQwH8cwiI2xlsVWwrlhEvvJ41y0qrhieXv+q4RQg=
.gumgum.com/ Name: vst
Value: u_127b9e15-6fec-4b46-8749-7842a0f0127f
.rlcdn.com/ Name: rlas3
Value: kqhmawf+FnTjWiLGwS8cSyCZsx3/jgw8rJ5BVyI12LM=
.rlcdn.com/ Name: pxrc
Value: CNjOpqgGEgUI6AcQABIFCOhHEAESBgi46wEQBA==
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4038167191623545769&KRTB&23150-4038167191623545769
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335--nY4QBKbV1VBZ9n4Y1Fx5CaEdko&KRTB&23334--nY4QBKbV1VBZ9n4Y1Fx5CaEdko&KRTB&23417--nY4QBKbV1VBZ9n4Y1Fx5CaEdko&KRTB&23426--nY4QBKbV1VBZ9n4Y1Fx5CaEdko
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1783777325356003384
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_9f565162-56f3-11ee-8ee3-12fa6b58ae11
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-5904f73c-dda8-47cb-bd0e-4b7458357fab&KRTB&23340-5904f73c-dda8-47cb-bd0e-4b7458357fab&KRTB&23498-5904f73c-dda8-47cb-bd0e-4b7458357fab
.mxptint.net/ Name: mxpim
Value: R33645_10940CEF7_4EBD3BC3.1.00000000000000006509A75C
.adform.net/ Name: uid
Value: 8032832714304770988
.w55c.net/ Name: wfivefivec
Value: 0uGLMbaw1QIB8o5
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_10940CEF7_4EBD3BC3&KRTB&23092-R33645_10940CEF7_4EBD3BC3
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8032832714304770988&KRTB&23263-8032832714304770988&KRTB&23481-8032832714304770988
beacon.lynx.cognitivlabs.com/ Name: ss
Value: e3w3%2BDI%2FEf0StntOcCG0F1GB5ODHBAUELyGIv49fudK2WvOimATjLL90046JsG7JZo51vM0A7TGnhb5AV%2FYmag%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:0uGLMbaw1QIB8o5&KRTB&23421-uid:0uGLMbaw1QIB8o5
.ctnsnet.com/ Name: cid
Value: 32c718dfa6824e369b7a7d6ac7326e2d
.lijit.com/ Name: ljt_reader
Value: HWPfiRZHLE13_QiPRl2H0AHU
ads.playground.xyz/ Name: connect.sid
Value: s%3ADP39Se9qTBiVewfnuVs3mLiKmjA_zhU3.I5WuvLrtSl1f%2FwoJ9D8FtORP4UZ7p0tGEQjblfiRyCA
.nrich.ai/ Name: _nauid
Value: 5d3a4360-c386-4183-80c2-ab45771c25f5
.lijit.com/ Name: _ljtrtb_85
Value: AABSyE7KE08AABXBedE9gw
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005%22%2C%22nxtrdr%22%3Afalse%7D
.liadm.com/ Name: lidid
Value: c3c9e8ba-c5d5-4e85-9aaa-06c8be9dd1bf
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23413-7E1BF2AF-62C2-418E-A3AA-D101FB5B4308&KRTB&23505-7E1BF2AF-62C2-418E-A3AA-D101FB5B4308
io.narrative.io/ Name: io.narrative.guid.v2
Value: 9fc71491-56f3-11ee-9828-02e4221a2b5f
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-3665747f-ad52-4ec2-90c3-53acd2e2f29c
.pippio.com/ Name: did
Value: xWAyMoshNC69TdRj
.pippio.com/ Name: didts
Value: 1695131485
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CN3OpqgGEgYIgr0rEAA=
.adx.opera.com/ Name: UID
Value: OPUa8db507c5a5c4c0eb726e8ce08e02c85
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUa8db507c5a5c4c0eb726e8ce08e02c85&KRTB&23485-OPUa8db507c5a5c4c0eb726e8ce08e02c85&KRTB&23524-OPUa8db507c5a5c4c0eb726e8ce08e02c85
.tribalfusion.com/ Name: ANON_ID
Value: amntuJy4ZawFBA9MAIAno9h15ZdSZdjMFZcd2tpyMKSmiE1DfNjyrtEFOjVtPixyZcTaTnoshZbKchfB1py2atVvq4FVwG
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005&KRTB&17107-RX-5b5a30d2-67e1-4327-8890-a6d68fa6eafa-005
.lijit.com/ Name: ljtrtb
Value: eJyrVrIwVbJScnR0Cq50Nfd2NbAAMiOcUlNcLdPLlWoBgUgIrw%3D%3D
.lijit.com/ Name: _ljtrtb_92
Value: 6004480877952621289
.id5-sync.com/ Name: 3pi
Value: 434#1695131482077#-1027300922|2#1695131484125#-251501110#6004480877952621289|441#1695131483856#-163176564#u_127b9e15-6fec-4b46-8749-7842a0f0127f|1241#1695131485308#829887518|203#1695131484700#618475497#2101faaa-8bdf-4080-a6a1-d4b63334a6a2|155#1695131484913#-1838464749#AABSyE7KE08AABXBedE9gw|796#1695131482280#662820954|108#1695131482683#-348931662|429#1695131483090#1318435579#7E1BF2AF-62C2-418E-A3AA-D101FB5B4308|1246#1695131485798#829887518
.c.appier.net/ Name: _auid
Value: uy90B5zCAEWTTGqJXacJZQ
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-uy90B5zCAEWTTGqJXacJZQ
.rezync.com/ Name: zync-uuid
Value: b88c4f4f-d1e2-4342-804f-677cb69ca377:1695131486.1698945
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlqaGxoYmFiYmg8Sdg8ycIi2STNJE03xTDVSNfE2MRI18IAyDUzN09OMrNMTjQ2N7eCazLTAzItLE1MZwkjTDIzMjNbhMZfJYrgG1pYGgMA2QFQQXoAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3HwRGAMAgEwI_t4Ei4cGA3hphCrNz8dr-DI6KwsGTq2wSGJnHtOlnDsx4jb_XsaorwczMS_QdQ6xXJOgAAAA
.acuityplatform.com/ Name: auid
Value: 829426950637
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRSs2XCigmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUrNlwooI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.media.net/ Name: visitor-id
Value: 3381330861524213000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-829426950637&KRTB&23428-829426950637
.pubmatic.com/ Name: PugT
Value: 1695131485
live.rezync.com/ Name: sd-session-id
Value: .eJwNjEEOgyAQAP-yZ22AXdiFzxjFNSGttBF7qfHv5TaTTOaC6aPHPletJ6Tz-OoA-VW6NUgXtPLb9QkJLAsyMzqPPhiDKAT3AE1bK-86lbU3i0imjbZxtepGQnKjmK6BOS8h5rkfkg3RW7Qk4dFRInm4_7FQJYw.ZQmnXg.SRUyZ5FwFj4BmUpQyxWhr-7mla0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1696118400%3A257%7C1695168000%3A255_248%7C1695686400%3A252_265_253%7C1696291200%3A228_256_235_261_226_260_201_219_262_258_236_259_245_263
.pubmatic.com/ Name: SyncRTB3
Value: 1695945600%3A63%7C1696377600%3A35%7C1696291200%3A56_233_165_81_240_55_166_8_178_21_220_48_249_250_54_243_99_104_214_71_264_13_96_22_3_5_46_176_231_204_234_238%7C1695686400%3A15_2_38_223%7C1700265600%3A69%7C1697673600%3A224
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7484178861028887040P
.owneriq.net/ Name: pmc
Value: 1
.agkn.com/ Name: ab
Value: 0001%3A6gwNdLYUSfZzqbz%2FF19YiIIkV1ftsYlz
.audrte.com/ Name: arcki2
Value: b6bpFl3n8f-TJOrqljh90l8zg!20220908!1695131487115!ip#38.132.118.74
.audrte.com/ Name: arcki2_pubmatic
Value: 7E1BF2AF-62C2-418E-A3AA-D101FB5B4308!20220908!1695131487118
.dotomi.com/ Name: DotomiTest
Value: 1bd1cf5340102130
.audrte.com/ Name: arcki2_ddp2
Value: b6bpFl3n8f-TJOrqljh90l8zg!20220908!1695131487246
.adsby.bidtheatre.com/ Name: __kuid
Value: cbb7322a-159c-4c6e-9497-16d6392ff5be.464345487
.onaudience.com/ Name: cookie
Value: 8d13c74110efe855
.onaudience.com/ Name: done_redirects147
Value: 1
.audrte.com/ Name: arcki2_adform
Value: 8032832714304770988!20220908!1695131487427
.semasio.net/ Name: SEUNCY
Value: 4EF64DFF449825D2
.onaudience.com/ Name: done_redirects236
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: c0362520-7da2-4ac9-84d5-fbbc3f29d884
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2e0d:18z8~2e0d:1991~2e0d:19bl~2e0d"
.eyeota.net/ Name: mako_uid
Value: 18aadb5cece-29200000010a5322
.eyeota.net/ Name: SERVERID
Value: 21282~DM
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI-rjliLHInDwQBRIXCghwdWJtYXRpYxILCKCLtoyxyJw8EAUSFAoFdGFwYWQSCwj-3JuOscicPBAFEhYKB3N2eDl0NTASCwiomo-escicPBAFGAEgASgCMgsImKbsi8jInDwQBTgBWgZleWVvdGFgAg..
ads.avct.cloud/ Name: uuid
Value: 4b8c12c3-2316-455e-b2fe-e349d5a4d07b
elb.the-ozone-project.com/ Name: AWSALBTGCORS
Value: wSRpzSslnW//hTwOfqNe9TtYb6C7+3o4Z+wJB9KhrD18+M+AdkUA/oRFzY/ehwN7tWpt/bM8bqsiRKAiJZ2V5WRq1nnx9hB1BuzcZC5foiD863jNo/ABFaOzgwuQAdHQ1u/E9dYlx34GLzsUlakAP7glqH59acHW8LQrDoKg4JWXeVbx3Ic=
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2MDA0NDgwODc3OTUyNjIxMjg5IiwiZXhwaXJlcyI6IjIwMjMtMTAtMDNUMTM6NTE6MjcuMDcwOTI0MzQzWiJ9LCJhdm9jZXQiOnsidWlkIjoiNGI4YzEyYzMtMjMxNi00NTVlLWIyZmUtZTM0OWQ1YTRkMDdiIiwiZXhwaXJlcyI6IjIwMjMtMTAtMDNUMTM6NTE6MjguMjU3NjgwMDk1WiJ9LCJjb252ZXJzYW50Ijp7InVpZCI6IkFBQUhTWTQ5MnNPcFJnTlpjM0tMQUFBQUFBQSIsImV4cGlyZXMiOiIyMDIzLTEwLTAzVDEzOjUxOjI3LjI1OTg3OTc0WiJ9LCJncmlkIjp7InVpZCI6IjM2NjU3NDdmLWFkNTItNGVjMi05MGMzLTUzYWNkMmUyZjI5YyIsImV4cGlyZXMiOiIyMDIzLTEwLTAzVDEzOjUxOjIzLjE2NTIzMjczOFoifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiMjc2ZTc5NTQtZDVhNi00NzIyLTg0ZDctNWFmOTJjNTJlMTFlIiwiZXhwaXJlcyI6IjIwMjMtMTAtMDNUMTM6NTE6MjIuMDEwMzYwNDA5WiJ9LCJpeCI6eyJ1aWQiOiJaUW1uVnFrN01WNzk0U0lHbjJWYWlnQUFcdTAwMjYxNjU1IiwiZXhwaXJlcyI6IjIwMjMtMTAtMDNUMTM6NTE6MjYuNzk3MzA1Njg4WiJ9LCJrYXJnbyI6eyJ1aWQiOiIyMmU4MjVlZS1iYTI4LWMwN2MtYjQyZC03NzRiODhlOTMwNzAiLCJleHBpcmVzIjoiMjAyMy0xMC0wM1QxMzo1MToyNy40MjgyMjA0MTNaIn0sIm9wZW54Ijp7InVpZCI6IjlmZDU5ZGJhLTA1ZTctMGU0Ny0zY2Y5LTY5YjQzZDU3MDAwMiIsImV4cGlyZXMiOiIyMDIzLTEwLTAzVDEzOjUxOjIxLjY4Mzg5MzE4MloifSwicHVibWF0aWMiOnsidWlkIjoiN0UxQkYyQUYtNjJDMi00MThFLUEzQUEtRDEwMUZCNUI0MzA4IiwiZXhwaXJlcyI6IjIwMjMtMTAtMDNUMTM6NTE6MjYuOTIyNzAyMzg5WiJ9LCJydWJpY29uIjp7InVpZCI6IkxNUURJTlA5LTEyLTZRQzQiLCJleHBpcmVzIjoiMjAyMy0xMC0wM1QxMzo1MToyMy41ODgyNDY0MjhaIn0sInNoYXJldGhyb3VnaCI6eyJ1aWQiOiJjMDM2MjUyMC03ZGEyLTRhYzktODRkNS1mYmJjM2YyOWQ4ODQiLCJleHBpcmVzIjoiMjAyMy0xMC0wM1QxMzo1MToyNy43MjMxNjYxMzdaIn0sInNtYXJ0Ijp7InVpZCI6IjI0NTc4MDc4NjQ3MDM3NzA0NDkiLCJleHBpcmVzIjoiMjAyMy0xMC0wM1QxMzo1MToyMy4yOTMzMTYzNDRaIn0sInNvdnJuIjp7InVpZCI6IkhXUGZpUlpITEUxM19RaVBSbDJIMEFIVSIsImV4cGlyZXMiOiIyMDIzLTEwLTAzVDEzOjUxOjI4LjQ5ODcxNjMxOVoifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIyOTI5MzAxODQxMjI4MTM0MzEzMzM2IiwiZXhwaXJlcyI6IjIwMjMtMTAtMDNUMTM6NTE6MjEuNDk5NjYzNTc5WiJ9LCJ0dGQiOnsidWlkIjoiODJiNjcwMTgtN2Q3Ni00ZmI1LTliMTItNDY5OTI3Y2U3M2IyIiwiZXhwaXJlcyI6IjIwMjMtMTAtMDNUMTM6NTE6MjYuNjEyNjgyMTk3WiJ9LCJ5YWhvb3NzcCI6eyJ1aWQiOiJ5LVYuSmY4VHRFMnVFcVNJaElCcGYyU0NUSFV5d3dFU3hYd2VQeWF0by1-QSIsImV4cGlyZXMiOiIyMDIzLTEwLTAzVDEzOjUxOjI3Ljg1Mjk1Nzg1NloifSwieWllbGRtbyI6eyJ1aWQiOiIzUlk0ODc3ZGQ0N2sydkNUYW1BTSIsImV4cGlyZXMiOiIyMDIzLTEwLTAzVDEzOjUxOjI2LjQ3NjA0MTIxOFoifX0sImJkYXkiOiIyMDIzLTA5LTE5VDEzOjUxOjIxLjQ5OTY1OTc5MVoifQ==
.pubmatic.com/ Name: SPugT
Value: 1695131488
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZQmnaAARlMmTaAAb

11 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, microphone, midi, geolocation. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%207E1BF2AF-62C2-418E-A3AA-D101FB5B4308&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Message:
Refused to load the script 'http://xsync.iqzone.com/psync?t=s&e=376&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d42%26ev%3d8b22f0bd8f2445f586e9bdb7b722bc5c%26pname%3dIqZone%26api-tier%3d1%26uid%3D%25USER_ID%25&gdpr=0' because it violates the following Content Security Policy directive: "script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript warning URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.service-web.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.service-web.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.session.client-1.4.2.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cds.connatix.com/p/338732/connatix.playspace.js?cid=982b4f37-b77f-4784-979c-45650448d9a5
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.session.client-1.4.2.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://www.theguardian.com/us-news/2023/sep/18/hunter-biden-sues-irs-taxes
Message:
Refused to execute script from 'https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNjOpqgGEgUI6AcQAEIASiA4YjIyZjBiZDhmMjQ0NWY1ODZlOWJkYjdiNzIyYmM1Yw' because its MIME type ('image/gif') is not executable.
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=4c45ded7-0750-4102-8166-76edcf238ee4
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri https://*.gracenote.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f194e46a4eaffd2b4ece8782be82eba.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ad2.360yield.com
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api.intentiq.com
api.nextgen.guardianapps.co.uk
api.permutive.com
assets.guim.co.uk
at.teads.tv
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
capi.connatix.com
cd.connatix.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.indexww.com
cdn.permutive.com
cds.connatix.com
ce.lijit.com
cks.connatix.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
connatix-supply-partners.tremorhub.com
contextual.media.net
contributions.guardianapis.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.media.net
csm.va.us.criteo.net
csync.loopme.me
d.turn.com
d31otfhas71ais.cloudfront.net
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co
de.tynt.com
de9a11s35xj3d.cloudfront.net
dis.criteo.com
dis.eu.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.nrich.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid-mercury.criteo.com
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.ctnsnet.com
i.guim.co.uk
i.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ins.connatix.com
io.narrative.io
ipac.ctnsnet.com
js-sec.indexww.com
lit.connatix.com
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
media.grid.bidswitch.net
nep.advangelists.com
ophan.theguardian.com
p.rfihub.com
pagead2.googlesyndication.com
pdc.bidswitch.net
pippio.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
protected-by.clarium.io
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb-use.mfadsrvr.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sourcepoint.theguardian.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl-market-east.smrtb.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.resetdigital.co
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.co
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-east-sync.bidswitch.net
us-u.openx.net
us01.z.antigena.com
vid.connatix.com
vop.sundaysky.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.theguardian.com
x.bidswitch.net
x.videobyte.com
xsync.iqzone.com
ads.stickyadstv.com
ads.yieldmo.com
bh.contextweb.com
capi.connatix.com
cds.connatix.com
cks.connatix.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
csm.va.us.criteo.net
csync.loopme.me
de.tynt.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
gum.criteo.com
ib.adnxs.com
image8.pubmatic.com
imasdk.googleapis.com
lit.connatix.com
match.bnmla.com
match.sharethrough.com
pagead2.googlesyndication.com
protected-by.clarium.io
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl-market-east.smrtb.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync.1rx.io
sync.go.sonobi.com
sync.intentiq.com
sync.technoratimedia.com
us-u.openx.net
vid.connatix.com
x.bidswitch.net
xsync.iqzone.com
104.18.25.18
104.18.26.193
104.18.41.104
104.19.150.54
104.244.42.133
104.244.42.3
104.36.113.107
104.36.115.111
107.178.254.65
13.249.42.27
13.32.87.78
141.226.124.48
141.94.171.213
142.251.163.154
143.244.220.80
146.75.32.157
151.101.193.111
151.101.66.49
159.89.246.130
162.19.138.82
162.55.120.196
169.197.150.8
172.105.232.22
172.240.155.68
172.253.63.154
172.64.144.78
172.64.146.152
173.231.184.20
174.137.133.32
178.250.1.9
18.164.78.45
18.211.166.244
18.223.200.255
184.28.136.218
185.167.164.49
185.184.8.90
188.166.17.21
195.244.31.10
195.5.165.20
198.148.27.131
199.127.204.171
199.38.167.131
20.40.202.2
207.198.113.87
23.105.12.136
23.105.12.171
23.196.184.208
23.20.19.153
23.205.56.163
23.34.248.177
23.41.169.52
23.61.60.237
2600:1f13:800:7780:6781:2538:d349:ce7f
2600:1f18:4e9:5a07:8b66:4b2b:aa38:cca9
2600:1f18:612b:4280:ac3d:4c40:fa62:5be7
2600:9000:244b:3a00:8:48e:53c0:93a1
2600:9000:269f:9a00:6:1e88:a100:21
2600:9000:26c6:8200:17:b93b:fa40:21
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:20::ac43:4842
2606:4700:4400::6812:2b5a
2606:4700::6810:3865
2606:4700::6812:19ad
2606:ae80:1451:17::1400
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c17::66
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::93
2607:f8b0:4004:c17::9d
2620:100:a001::18
2620:100:a001::1d
2620:100:a001::2
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
2a04:4e42:200::367
2a04:4e42:400::367
3.161.212.32
3.162.3.122
3.162.3.48
3.162.3.68
3.163.80.98
3.214.50.117
3.217.186.3
3.221.40.21
3.224.224.255
3.228.73.196
3.231.182.141
3.232.240.137
3.232.64.79
34.102.163.6
34.102.253.54
34.107.254.252
34.111.113.62
34.199.244.199
34.200.65.202
34.239.25.202
34.98.64.218
35.172.171.236
35.186.193.173
35.186.253.211
35.190.60.146
35.194.66.159
35.207.24.140
35.211.178.172
35.211.206.254
35.211.85.235
35.211.91.9
35.214.178.127
35.241.9.51
37.157.6.237
38.98.69.175
40.76.134.238
44.194.131.144
44.217.241.9
50.16.128.129
50.17.145.177
50.57.31.206
51.68.39.188
52.19.113.29
52.21.109.44
52.210.213.112
52.223.22.214
52.223.40.198
52.3.159.23
52.3.238.251
52.4.122.177
52.44.127.59
52.45.70.160
52.46.128.147
52.86.10.106
52.86.26.20
54.144.230.125
54.167.134.46
54.192.51.26
54.196.73.80
54.204.10.18
63.251.28.133
63.251.86.49
63.251.86.50
68.67.181.211
69.166.1.35
69.166.1.64
69.173.151.100
69.90.254.78
74.119.119.150
8.28.7.81
8.28.7.84
82.145.213.8
0222247e0db48c16afb7eeca10087c088a21fb5d8483710edfb90415f1ae68d4
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0739a00c2da860ed48ca432fca706434f75a182c107fda9328d0be9e3ead33d1
0a317045407e197c827358d312af14bc2abd9abe54ae1e8a75381a9e812dcc99
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc06b5ce5c4f8f9b2be719b3f15c6bd3d01cafbd42869cd0a0128c635e874f4
0c91c7be8598e4210598593943d3482dcc8404c79a7c568b12fe3b781de1a757
0d6ae83e363b308bd8ebf49f4c9cca45c2427ff66c5654250057608f2ecb2685
0e8ced7016614b088dd56ac7f22783fb056ddceec9870c54ac6790a207d2cf5f
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
1177b039d9385727cd48ccddae0464b4d060e796568592b47c45bddc761c937b
11c18a946d974537076fea01010eb8c57b94c8e17727ef817b89e69c40ec999c
1322f79d4f101c5479d6e213b5cc2811743b506f029a464916794bdf39790d1c
1492af2467ea07e575057df710c439960399d3f693c6a2186e48436a211d5cc7
14f7598dd277c75df5375d0b80b84b7ac2e85c07b144e176ae37af4d52526c17
164337642c576042eaa82d533242c334dc9521848b0bb5f5ff568ca67e0fa9fc
16f8db1ce03357a928f76cc40dd1516fc17c49311382dbffd197651395cf6d10
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18fb19c3d2ae0a120b44e037764226d279b209474bde953aacee461cfe8bfb95
1b56213fc4d345b195115f1890e2fdaf122b497be3ba3cd6fff37f31bae7b73a
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c8f3e3423e9ebcee7922d0d0314a83a6ad5a3f415433ac560e32f6a9fcd50ea
1d07b71f9ef005dae93973faa7d665a90e18362b22f11046cb18fdd440563a37
1d76f32ec0ce0c21dd154daf579d03667b4f62d43748855259d45af422854c39
1ddeab5a7111c718bd424febd360830eac1f8ae94bed13f6e5983a96ceb39a58
1f6b2b62d2f6d7d86be696b424b6d11d1af29308d934371f9697a8659f27898c
1fb6931a8318b7efa7655ff7af82d1dc9293c5661614183fc7ad7c9e4a95c8ba
2826ab783d04a9e6446be25431854ccd2515f0fc5b61bea04bcec3c90732dd60
28a07ea9153aaa450bfa669a2fdac73af62cdbaf8ce6707818c83d3bffcbacd7
2a268bf60c56c4ab830d2b966f041ab77627a5560202079fea904b1e6198234e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b4b1328e950b999005ee53309cd1fc663e70b7d36c2821112e101a4d710e31e
2b50781866a411fdfa9b2d78a0da31f51274fa82fd29a430f650de0807557afc
2b8dcd580431e83a1410be6d8ec49e93174361927b51d1109d7853177d373cb3
2d463e50eec4ebfe75a372a4f3781323ca5034a592345043a0fa442b2fec8a4c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0ceff56a6cf2add3b3f2ddf8a0194e3917afd8858579b6644369cf098aac5f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f872665443e03f8d7f0eea45c771f2bbe16f7f18d130b848e62dabbaf2553af
3021fe2d0dfdb7cd1430b4b8bd0cbde53a3e4cf6df939d67fc625bf9ab22294e
3101c4fdfc11ba415276c882c1a8c730038de60ce66a48467e79c69fb379259c
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3257bf18ae27db7e5e263c861cd979440647112ef03b8b8db173c0c5d403ba8d
366fc428538672ec209c6f3b7baee44aced7059bb1a84742a693037520539ceb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36b91f0d696768070d10721d141b95d6bd30e1b685847c1c131e3066593983b1
36fd321528cbd7b53230b9f423cf7c59bb05eb3fcc889fe6c5cbb3ce830ef65e
38baea446a33ee46efe9b56ad948573a8f1760c6bc1fa3bfbae1ecfe55a39845
3aa5ed0822f984bd2845d2627101cdbe0228720a9597f165c872d855075bb5d8
3c523771deaa37f6917ba6c9b53d9b144bebf8c7bd91980e5a31f2562b3a5d39
3dfd52302c57f0c4900abbaec57f31089de90b5b05c0abaad2ed7b30be729db0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41f35149ca7325ec9a5ea602b86ccca6d8f27257b83e33137785699a6a2170a0
42b4345acdb5d126291d66538e7b1b8a3ab06e2c96d5ee29a23ce631e5064cd0
432eddcd91b613348120103186872d143fc3ff689ce3b690b81fa4f548d45a50
4398278fdaa6aed7509ca833f331aaff9bcab606bc42f7bf08ae98880b5350cc
43deedf35812e91fe2c85eb44184bbc2970f06e231accf2c1b06ee62fddf1acf
43ed4048ef542bd40450cd70e840beca7fcadf4530652e4692ff01b0b3d23f08
43f89f3dc1f04ce6e582ff490add0437b89776f9df970c93fc85b2fb5be7209a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49306570f3ccfefb7f7ffabad66f48bc2a1dd58cb4dfd77572b40d267d0a4e6c
49825a9d07159d14e425df0057c44159dfcd9732cb17ed20abac8b45e51fb81a
49b5b459886b2f82939da5f23b8019b6feccf903246b66ebfa0173de7b3ec167
49fe7a10f4d8865b1d1e9fef7e807cf8168f1362ede952e87ceda9222ebd3261
4abfad9c48fb0cbf933b3bf8cf92e96a11dbea84adf00976dde20a194bfb59b3
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4c6b4b6276b4e6e07bf32da003558fa9b4f95ba2c262f0b0e5210abbcc3667ff
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
50b78262406fae346439db7416ff61b416acb5ce0918a52f9722228b1a1c0a18
50eb870b8700be4c8462acb148814db55da13df007fc6913cb99f453c1cac019
526aed0eb9e964bb2824955f92116a1e4648d8540bf556ed123e3d6ec126c5fb
52bb0178333e9d445ec5d4e0bae687452510bc8ade17396621fd0805a0d00f96
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
535d706b769b18ed77e16079b8ba1ea85275717e378fec8b5007872f54937622
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5acf7e7ffa0982cc72e25c0486c5a23beff613ae22f9fd7cd8f3fd83f2af0366
5b3632fdcd9f397eff034fcd7b14976432cefa384334d1e3b69a2730e3cf2f2f
5c5b58e7b055b2e29aec56744d40c756431857020eaab738da60074b5861df9f
5dbf1edc6860757822903508c99bbebdcc30e003853119686a13e014e1437194
5e412cde204a9f444be1f0f57c9ede67c4069ef3fa637f874b1f601d574023d4
6061f9487157293ba0c2fd9fe400faaf382ba6aec43c51021eea460a5562ecf0
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7
60eb5e627cd4921d07e028792685e1f7ec5575fbfd116728401a3cc5aa1ea7b4
6190e8a10fad3d177e158ce3a75f4654335b5a9b658cf2de25e87bf7f8cd9466
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fd3168098a3c691cdd6bb7733ee625696f69b6ea0ea9f015a3a8f96632756b
6387f4413f039cf311fe4e04a1c621e77e78a2f6ab64de2c8ef4e3d3e4a59e89
63ee51a661e8ea8de4e6b8c57459de36ef92be6892fb6ae549da3c8219311924
663254dd2b17ab293e8c255113e86eae48e9fb9dc0035cede9ab3ce3927bcb76
68355445895697a703bc1052f5107c95062017dc0a6eaed9147258abce1445d0
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6b86d40c2f5d8a717c9e5c32f462cef9f15e53a63ffd4a0e3a517f407429f12a
6f88fa8a4daaaa1d0d95939b010285406f075e50e9e53bc8b613d3afbf12f4a9
70afbebc74da63aa716bff829b746e1d490df704bd19c14aef7bcc1c103a2a33
7453d4bae4ee6075ef272977ae4823eb982f5c76dde43e342273b5f914488e02
75370d4c5c51601c515f1cb46fdea912e1a8739c2e30425fa6978d793ef5a3ef
76e82444ee7b7f4cdb120917038977e523b4ac49870ad24736835e44e5a2ac6d
7be1f66ac6d1e1acc62ffbd95d9e25e2c25bc8e5bde3df76842fc43ec7e41f7d
7c38ee2124dd62321874a1dcfe34f348d09991ec98e92305940cbd8517d0db19
7de4def25eed67f6cf96742b3cbb2d0f1a8a29a1136892206959bea84437e4a8
7f4cb2b484ba8d5fb2bedef24d169a480e15d44e9888896c011f5a2ae8b1a1c0
8140ed15f69a1e8d4f9be7548fcf56bf1073ceb2ce609387bd8fdc0985698c9b
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82b4916d5cae8f0865d9763c14701576c3019e9316f4c00f35a31551c80cc574
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85b820b5e415f4a9c4d29f2904f89bacc007072fbed17ea3a63c20cd2d762705
863a415169ccca63f57929b2c9a463ca7e5cf3e4ef7d9688ea957a47c5a21087
86420e7438ecbeee1c096e6aba233c995fe855317ab0bc96c505b3a8008bbde2
87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b
8b19757aa154780ef70b03267727892c9468f3f7944885a6e739e7420f7ea7da
8b91ccd9f9aaf52b43455d455344f2db729f7c2d083733d323efec1e7a680409
8bb4eedeadb762f5d727ee9be0184748c41960d50d59f74ad8d8839a98b951c1
8cc976057d7908db684c2cbfad74dca2dd3847d35f93b98e9daa0579d8a661be
8d9f9eb2d46ae85b35405642aeafbb3d07264df318e51ef6ef7a87dc1648800e
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
91cfd74fe60df14c0c2d2a3819f4fb78d2560f378f5f0fa3fc9bf8ae825228a5
92b342ddf2f633909616c56f47285f172ef727770657a2ff2e5bf5cd4c547fed
92c00fa671721bfecf79e6c7accb84612cf6919e84f4ba98a9bb36e8d76ae82e
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98bf600e3e50a5dfb86a46ea3f69bd2f9f420e5f4a4e90ab164459b166cce695
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b6819dbce4b028da82d34071389fc29ce60c6c242861522bb0be83e1994159f
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a081b1e4efba17fc7c5b83c7b3547b3e15712018f5a74c10cd09dd69776c8393
a0f4e6bfa01bc2c9eb8934475a54ba0250c939df09a060d3ab3f23f97e685d17
a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595
a3965fc97570f16c3657e41fb39fe92914939f4716dea6a287ebc9e87301a561
a7d92354ef95b65d39e9d09e392e4b96ecc7e325afdccbf6abee2e5673c5d89d
a93c2eb8e1ec99a554039350d0e78119271045184cb17dec8ece94050e333d12
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acdedcb326dbad1f93ec6b1c0cd168678577bcde6f8ae1e936444e515bf63c91
acf6d8bcb76ed037c2262bc9819dcdfbde9b080b77fe83530899c9eba8e743b4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b06612c6b5eee5513b2ccd73dbe8e56d08ee8aeca5992cabae45d51d4aff4321
b0f9b84dd692284b63f0a0a596fd6f682b1bc24f263b313ef4cc10a89d0d2b7d
b12ab650ec539096d54fa61af36b4670820a02313cbfdbc0c8346d9bc2452b03
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b5b91409751a3105641f36be77b6a6c734c2be3f7f29282652085847d602e6
b3571b492bfaa7304b220cc51f34a11ca45fbe9b0f8ab6435d1d682bea60cd25
b38bc5ad556ae09ce878ba7829808ec2b47151089f82d7dcfc61260d69c004aa
b4da9e7d938d6d5c3f7ccd6ee234d8c733ea87dc1b548f0b296a843430c00f39
b76aa5a17bd5b7595e550a44729ba6061ba5857a494c87c8ac913004be265be5
b76fb31899af3edcd5b1525657ac4afe56cbfb819b62981e95cbfa4cbe4c1757
ba7f667413918678fd919a585c75d72b13c59aaeeb8ca0ac1eda0c5dacfcf570
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb37ef3a325b6fa1146f0be4029747263f253e213563ab3bfe6c97fa8be184f5
bca2ddf572ad848172959038c85f59c5403242b68f192dd90815d8e05bf22018
be26002cf69cf44108b36ead9da522c344c4bed69a9d4a505b427eb6740d2568
be6b3f41d5f79b0ea32be0e1274af5edc62c3b8390af21c967cf2ef4204f66f8
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
c00fe9873fa206951e9a3da26c5f65ed797e8345f3cab956d261c2146cdae759
c032fecbd4bde8a8a2b19b225c3275289c35c31add3fd68a6d8fa8b7af965341
c03aa3433475597837b79c2071e0e62feb4f26348243d8c11900344dd94485d2
c138bd05bbb31298f5496e9c1ce784e24cf8779b76c8a8d8cfbd6fd382323b62
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c369d137cfb49d25e260de6ecfec716b3bee7686cdf73cd8bc9f772089eda931
c4ae3df9e8faab7b1bb930af7ebd4893b07078b30495ef03b1358d7ad1bdf2c1
c6d9c910a05942fd11acdd9d398ea0c921cef636ce65594ddf68c28d8d0f5b42
c6f2a6d946071adf59074fa00d569005f4219f74c04300ae003fb906bef52632
c93586b68ad6ada08514c26a5e5b540c3127428b1cf41127a9f44475bcad85a1
c9658821b2d9d149eb6d868c6ce8811406c6e8fb1f74104eb480264f94836428
cdddb0c87ad1213bc74fd01ee854993d1b70de00c9176153c7919232be801b2d
ce483b9dd61cb73202dd671869a67d98d16043c8aad59c97171f85847abb4e24
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381
cf615323029fe803821bb5bdae6b76321cadaa76cc40f8ce17c41c4f0fff43d6
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d09ebc53f719c6eb523346ec0b259cf227cf8104d3faa63d781a6a4026bbc636
d0f910961fa58b3ee012d64d32411315b26c2d6420f1a08ff59fc390dfbadcd6
d10b2a4f1ab0fe7f1c0170ec82bab62e286edb4fda40ad665b865a2f05853c93
d166f50f0e089ce80daa06bf17a3c7f42aba171d9248f69c23cc73d2a5f9fa21
d1bf42c2df6fa95e0806bccd64191d78325514d758c455c0d959913a25d6a101
d1da416a71b864e9a36112077810f09dbd481ec020b6112ee80d52d394084a00
d8c0e2744f5bdf9bfc87aba237434171658aa57bcc8b84a69f4b4d5277796bca
d905d0fb5db368df3e63f1c9118c46a565a8e4ef8a89ba60e36b320c658ffff5
d96a415933700f3aa03e86b13fafae24fa8b0e7d563882c460490826372d2b7b
d97f307b6be72b93868b4c5b344fd59a87d15985306dc6a52ca8b1080bfc772e
d9aff7f7c51e775eba06add07b71db1d8d6640660ea2b59a2db82c4b48fa4e8a
da22a2e4326e5cc0595a7e7cb5ebd68492896f1660e1ee116e3af32ad6aeccce
da737ccbbec201544fd60d1ff301c9a6e0d2862027223f0b920a02cfd656dc33
dac80e38c234ac0e4fbdc83cd9c4105ee21368521e66a09af01166bd2d1698be
db1fb31d1ae08be019d1dcbc04c406f4c078e5e5dff9cb4674d540d2915d26f6
ddc3d01b7e782d832f6e2b5fac8b5cd200613026ad03d09aa27da62d2352726d
dde8dc33fa401d1c466a07346b862f35fc5e5c5335bd52f08913593886ad5601
de095c57e54a9d6e85c6d1584912830b4dee9b76837fb194335babe3214ecdc4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de70ce4548225f6260bed036fcdc558041c050d0368b179acdf17138b985eb47
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dea49774fb0589245db2c4249c9ff8905cbd49ad633dd102a1de7ffbf4a20eab
defc8fe3edfd40a35b5f216fce9c3e1c59f82dabd6a8443db205775dc8f51074
dfc5b34aae74af6e91911ecd40b00d8be71e3385dc1c823c026f845142ba9ef1
e34366786ac7b3955c2474012f19c2e843d1d2afc4405c0a1539093f12e91372
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3306a30b6b91ed56f01be4464861efbbbae5a7c836fb49ba91619d622341c
e9fe08a99abfa36a74e11674264fa3b1fd81ebda4e95ddd7c7bdf77a690caef1
ecf132c3795939202e48db4c6a0ef2c4e8ee213ced0018671fe08d3bd59eb4e5
ef03fd432411a47f1cfd06a38d814f565629cb99c8698a88e6e1ba8c6d280df1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f361a8d3a58f787ce03539da02cad00b9b19addafd25ed1145a6d5a48243d335
f6259639f58417fafcc1b2292af568e017a0880ee9ee4878833e2475b5630a67
f67df3c236a9c020c95e46afef78a12d8b14e9ac89b7a43a5a54e12e69ceb362
f747585e37ced141e9a42844f195a228d0ffd8867939b87352a8503d07852af3
f826f59070a141c3599d0b89ee2683cb7bf9527dd350a227096f62f45f9144fa
f8ca77547aad61b4f149f29ea7e0f7100f5e11990ea9f42ef95409df182a63b4
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fbc8d72285caf24f438e04a9eed96e2a4486fab81113ee4f19fdc1e14b81c5ec
fc6aca76f1369af9e61088b65a96ff94f3a1bb7baa680bf020869bb06e9ed0fa