urlscan.io logo urlscan.io
SecurityTrails logo

www.theguardian.com Open in urlscan Pro
2a04:4e42:600::367  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Submission: On December 23 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 101 IPs in 12 countries across 106 domains to perform 469 HTTP transactions. The main IP is 2a04:4e42:600::367, located in United States and belongs to FASTLY, US. The main domain is www.theguardian.com. The Cisco Umbrella rank of the primary domain is 14350.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on November 14th 2023. Valid for: a year.
This is the only time www.theguardian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 2a04:4e42:600... 54113 (FASTLY)
21 2a04:4e42::367 54113 (FASTLY)
14 54.155.176.49 16509 (AMAZON-02)
12 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 18.238.64.130 16509 (AMAZON-02)
2 4 18.164.96.83 16509 (AMAZON-02)
1 23.47.169.117 16625 (AKAMAI-AS)
1 199.232.36.157 54113 (FASTLY)
7 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.80.34 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.35.93.125 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
1 18.173.132.10 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 104.244.42.5 13414 (TWITTER)
2 104.244.42.131 13414 (TWITTER)
5 2607:f8b0:400... 15169 (GOOGLE)
1 35.241.9.51 396982 (GOOGLE-CL...)
18 23 68.67.160.117 29990 (ASN-APPNEX)
8 34.107.254.252 396982 (GOOGLE-CL...)
1 20.40.202.2 8075 (MICROSOFT...)
1 69.192.109.215 16625 (AKAMAI-AS)
7 44.199.149.119 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
2 18.164.98.157 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 26 3.17.215.181 16509 (AMAZON-02)
7 172.64.144.78 13335 (CLOUDFLAR...)
2 3.208.133.199 14618 (AMAZON-AES)
2 35.211.156.253 19527 (GOOGLE-2)
2 2620:100:a001... 19750 (AS-CRITEO)
2 3.233.176.156 14618 (AMAZON-AES)
4 17 104.18.36.155 13335 (CLOUDFLAR...)
2 104.36.115.111 62713 (AS-PUBMATIC)
2 2607:f350:3:2... 27630 (AS-XFERNET)
1 2607:f8b0:400... 15169 (GOOGLE)
2 21 52.46.128.147 16509 (AMAZON-02)
4 31 51.222.39.185 16276 (OVH)
5 23.56.163.14 16625 (AKAMAI-AS)
4 20 2607:f350:3:2... 27630 (AS-XFERNET)
3 7 34.98.64.218 396982 (GOOGLE-CL...)
1 1 216.22.16.68 30633 (LEASEWEB-...)
3 8 63.251.86.49 10913 (INTERNAP-BLK)
10 3.222.121.73 14618 (AMAZON-AES)
5 15 52.223.22.214 16509 (AMAZON-02)
25 45 142.250.65.194 15169 (GOOGLE)
14 14 3.33.220.150 16509 (AMAZON-02)
5 5 185.167.164.43 198622 (ADFORM)
1 2600:1f18:61c... 14618 (AMAZON-AES)
9 9 54.152.0.153 14618 (AMAZON-AES)
13 14 35.211.178.172 15169 (GOOGLE)
3 3 199.38.167.130 54312 (ROCKETFUEL)
4 4 54.152.61.223 14618 (AMAZON-AES)
6 6 198.148.27.131 19189 (PULSEPOINT)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
3 5 35.244.154.8 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 3 34.225.183.152 14618 (AMAZON-AES)
1 2 34.198.29.92 14618 (AMAZON-AES)
6 52.89.208.126 16509 (AMAZON-02)
14 14 8.28.7.82 62713 (AS-PUBMATIC)
10 15 8.28.7.83 62713 (AS-PUBMATIC)
2 2 35.214.166.178 15169 (GOOGLE)
1 1 35.175.88.165 14618 (AMAZON-AES)
1 23.41.168.23 16625 (AKAMAI-AS)
4 4 63.251.28.134 26558 (FREEWHEEL)
1 2 23.83.76.52 395954 (LEASEWEB-...)
9 9 67.202.105.23 32748 (STEADFAST)
4 4 69.194.240.13 26120 (RHYTHMONE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
4 4 23.1.200.83 16625 (AKAMAI-AS)
8 23.34.250.29 16625 (AKAMAI-AS)
2 2 216.200.232.253 30419 (MEDIAMATH...)
3 3 213.19.162.90 26667 (RUBICONPR...)
9 16 8.43.72.97 26667 (RUBICONPR...)
2 2 80.77.87.162 46636 (NATCOWEB)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 23.83.76.100 395954 (LEASEWEB-...)
12 12 2606:ae80:145... 25751 (VALUECLICK)
7 7 3.225.218.10 14618 (AMAZON-AES)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 2 8.2.110.134 46636 (NATCOWEB)
3 3 35.207.24.140 15169 (GOOGLE)
2 104.36.115.113 62713 (AS-PUBMATIC)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
1 1 35.194.66.159 396982 (GOOGLE-CL...)
5 9 8.43.72.98 26667 (RUBICONPR...)
2 151.101.129.111 54113 (FASTLY)
1 54.239.33.158 16509 (AMAZON-02)
1 1 2600:9000:266... 16509 (AMAZON-02)
1 1 2600:9000:26f... 16509 (AMAZON-02)
1 18.173.219.124 16509 (AMAZON-02)
1 147.75.198.144 54825 (PACKET)
1 23.40.179.31 20940 (AKAMAI-ASN1)
2 2 54.162.157.217 14618 (AMAZON-AES)
2 2620:100:a001::4 19750 (AS-CRITEO)
21 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 142.251.40.130 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 64.202.112.159 22075 (AS-OUTBRAIN)
1 1 159.203.145.121 14061 (DIGITALOC...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 2 2620:116:800b... 14618 (AMAZON-AES)
1 1 139.162.78.222 63949 (AKAMAI-LI...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
3 8.28.7.84 62713 (AS-PUBMATIC)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 2620:112:f002... 6336 (TURN-US-ASN)
1 2 108.139.29.15 16509 (AMAZON-02)
3 3 74.119.119.150 19750 (AS-CRITEO)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.238.55.117 16509 (AMAZON-02)
1 1 172.67.10.198 13335 (CLOUDFLAR...)
1 1 45.137.176.88 60350 (VP)
2 2 96.46.186.59 7979 (SERVERS-COM)
1 1 23.108.103.8 59253 (LEASEWEB-...)
1 1 18.205.39.5 14618 (AMAZON-AES)
1 1 192.132.33.67 18568 (BIDTELLECT)
1 2607:4f00:974::2 55081 (24SHELLS)
1 2 67.202.105.31 32748 (STEADFAST)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 5 23.105.12.120 30633 (LEASEWEB-...)
1 169.197.150.7 398989 (DEEPINTENT)
1 2 151.101.66.49 54113 (FASTLY)
1 2 52.200.3.94 14618 (AMAZON-AES)
1 52.1.240.135 14618 (AMAZON-AES)
1 52.21.25.82 14618 (AMAZON-AES)
1 2 38.68.201.140 174 (COGENT-174)
1 107.23.119.165 14618 (AMAZON-AES)
5 34.117.239.71 396982 (GOOGLE-CL...)
1 1 35.186.253.211 15169 (GOOGLE)
1 23.227.146.18 55081 (24SHELLS)
469 101
40    2a04:4e42:600::367 (United States)

ASN54113 (FASTLY, US)
www.theguardian.com
assets.guim.co.uk
i.guim.co.uk
sourcepoint.theguardian.com
21    2a04:4e42::367 (United States)

ASN54113 (FASTLY, US)
assets.guim.co.uk
sourcepoint.theguardian.com
contributions.guardianapis.com
14    54.155.176.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
ophan.theguardian.com
12    2607:f8b0:4006:809::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
3    18.238.64.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-64-130.jfk52.r.cloudfront.net
c.amazon-adsystem.com
4    18.164.96.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-83.jfk50.r.cloudfront.net
sb.scorecardresearch.com
1    23.47.169.117 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-169-117.deploy.static.akamaitechnologies.com
a.teads.tv
1    199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
7    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
www.googleadservices.com
2    2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    13.35.93.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-125.jfk50.r.cloudfront.net
cdn.adsafeprotected.com
2    2606:4700:20::681a:d12 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
9    2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.173.132.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-10.jfk52.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
5    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co
23    68.67.160.117 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
8    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
1    69.192.109.215 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-215.deploy.static.akamaitechnologies.com
at.teads.tv
7    44.199.149.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-149-119.compute-1.amazonaws.com
pixel.adsafeprotected.com
5    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.164.98.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-98-157.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
3    2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)
25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
26    3.17.215.181 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-215-181.us-east-2.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
visitor-us-east-2.omnitagjs.com
7    172.64.144.78 (United States)

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
2    3.208.133.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-133-199.compute-1.amazonaws.com
tlx.3lift.com
2    35.211.156.253 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 253.156.211.35.bc.googleusercontent.com
grid.bidswitch.net
2    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
2    3.233.176.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-176-156.compute-1.amazonaws.com
krk2.kargo.com
17    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
21    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
31    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
5    23.56.163.14 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-14.deploy.static.akamaitechnologies.com
ads.pubmatic.com
20    2607:f350:3:2569:0:10:0:d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    216.22.16.68 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
8    63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
ce.lijit.com
10    3.222.121.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-121-73.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
15    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
45    142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
cm.g.doubleclick.net
14    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:1f18:61c0:2205:1ef3:ed1e:e7cd:465 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
9    54.152.0.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-0-153.compute-1.amazonaws.com
match.prod.bidr.io
14    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    54.152.61.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-61-223.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    34.225.183.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-183-152.compute-1.amazonaws.com
dpm.demdex.net
2    34.198.29.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-29-92.compute-1.amazonaws.com
match.sharethrough.com
6    52.89.208.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-208-126.us-west-2.compute.amazonaws.com
cs.yellowblue.io
14    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
15    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    35.214.166.178 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 178.166.214.35.bc.googleusercontent.com
csync.loopme.me
1    35.175.88.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-88-165.compute-1.amazonaws.com
ads.yieldmo.com
1    23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
4    63.251.28.134 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    23.83.76.52 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
9    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.34.250.29 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-250-29.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
16    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
2    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    23.83.76.100 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync-global.smartadserver.com
12    2606:ae80:1450:16::2040 (United States)

ASN25751 (VALUECLICK, US)
prebid-match.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
7    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
4    2600:1f18:4e9:5a07:a217:a1:a581:ef30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
1    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
9    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    151.101.129.111 (United States)

ASN54113 (FASTLY, US)
api.nextgen.guardianapps.co.uk
1    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2600:9000:266a:9800:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:26fa:5c00:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    18.173.219.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-124.jfk52.r.cloudfront.net
sync1.intentiq.com
1    147.75.198.144 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    23.40.179.31 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-31.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    54.162.157.217 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-157-217.compute-1.amazonaws.com
sync.ipredictive.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
21    2607:f8b0:4006:80a::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2607:f8b0:4006:81e::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2607:f8b0:4006:81c::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtrace.mediago.io
2    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    139.162.78.222 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1558-222.members.linode.com
a.c.appier.net
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    108.139.29.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-15.jfk50.r.cloudfront.net
api.intentiq.com
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    18.238.55.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-117.jfk52.r.cloudfront.net
api-2-0.spot.im
1    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
2    96.46.186.59 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    23.108.103.8 (Jurong Town, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
1    18.205.39.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-39-5.compute-1.amazonaws.com
jadserve.postrelease.com
1    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 67.bidtellect.com
bttrack.com
1    2607:4f00:974::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.spotim.market
2    67.202.105.31 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
1    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
5    23.105.12.120 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    52.200.3.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-3-94.compute-1.amazonaws.com
thrtle.com
1    52.1.240.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-240-135.compute-1.amazonaws.com
crb.kargo.com
1    52.21.25.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-25-82.compute-1.amazonaws.com
sync.bfmio.com
2    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    107.23.119.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-119-165.compute-1.amazonaws.com
rtb.adentifi.com
5    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    23.227.146.18 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
Apex Domain
Subdomains		 Transfer
63 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
252 KB
41 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image8.pubmatic.com — Cisco Umbrella Rank: 661
image2.pubmatic.com — Cisco Umbrella Rank: 859
image6.pubmatic.com — Cisco Umbrella Rank: 793
simage2.pubmatic.com — Cisco Umbrella Rank: 723
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
image4.pubmatic.com — Cisco Umbrella Rank: 1224
53 KB
41 guim.co.uk
assets.guim.co.uk — Cisco Umbrella Rank: 21134
i.guim.co.uk — Cisco Umbrella Rank: 16182
713 KB
40 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
80 KB
31 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
14 KB
31 googlesyndication.com
25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
162 KB
29 theguardian.com
www.theguardian.com — Cisco Umbrella Rank: 14350
ophan.theguardian.com — Cisco Umbrella Rank: 18980
sourcepoint.theguardian.com — Cisco Umbrella Rank: 22046
195 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
91 KB
26 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3655
visitor.omnitagjs.com — Cisco Umbrella Rank: 656
visitor-us-east-2.omnitagjs.com — Cisco Umbrella Rank: 18800
12 KB
23 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
18 KB
22 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2225
sync.go.sonobi.com — Cisco Umbrella Rank: 951
19 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
12 KB
17 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
8 KB
16 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453
cs.yellowblue.io — Cisco Umbrella Rank: 1547
8 KB
16 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net — Cisco Umbrella Rank: 336
16 KB
14 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 904
events-ssc.33across.com — Cisco Umbrella Rank: 1493
6 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
5 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
732 KB
12 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 1982
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
33across-match.dotomi.com — Cisco Umbrella Rank: 3244
4 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
109 KB
11 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
4 KB
10 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6175
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
4 KB
10 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2932
api.permutive.com — Cisco Umbrella Rank: 2205
337 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
5 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
6 KB
8 openx.net
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net — Cisco Umbrella Rank: 491
rtb.openx.net — Cisco Umbrella Rank: 695
2 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
9 KB
8 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3936
pixel.adsafeprotected.com — Cisco Umbrella Rank: 718
11 KB
7 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 4765
18 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
5 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
5 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
id.rlcdn.com — Cisco Umbrella Rank: 711
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
3 KB
5 guardianapis.com
contributions.guardianapis.com — Cisco Umbrella Rank: 21869
38 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
2 KB
4 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
api.intentiq.com — Cisco Umbrella Rank: 1419
4 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
1 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
4 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1100
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
d.turn.com — Cisco Umbrella Rank: 1349
952 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
2 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
2 KB
3 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2719
crb.kargo.com — Cisco Umbrella Rank: 910
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2872
collector.brandmetrics.com — Cisco Umbrella Rank: 3177
20 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4174
967 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1289
685 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
766 B
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1577
hde.tynt.com — Cisco Umbrella Rank: 4170
3 KB
2 spotim.market
s.spotim.market
sync.spotim.market — Cisco Umbrella Rank: 3472
2 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
2 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8960
964 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
874 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
592 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
123 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
63 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
1 KB
2 guardianapps.co.uk
api.nextgen.guardianapps.co.uk — Cisco Umbrella Rank: 20968
507 B
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 2606
1 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
1 KB
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1022
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
532 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
512 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 713
606 B
2 t.co
t.co — Cisco Umbrella Rank: 589
602 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
at.teads.tv — Cisco Umbrella Rank: 4890
4 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567
161 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1014
35 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1556
425 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
338 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1781
4 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 815
419 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 936
594 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2137
581 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1414
774 B
1 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2705
667 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2669
458 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
2 KB
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7973
487 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 8865
595 B
1 mediago.io
gtrace.mediago.io
465 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 4454
464 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
650 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
449 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
556 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
657 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 3298
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
538 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
462 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 665
618 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
516 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 777
631 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1380
181 B
1 prmutv.co
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co — Cisco Umbrella Rank: 39321
388 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 678
15 KB
0 inmobi.com Failed
sync.inmobi.com Failed
0 id5-sync.com Failed
id5-sync.com — Cisco Umbrella Rank: 425 Failed
0 avct.cloud Failed
ads.avct.cloud Failed
469 106
Domain Requested by
45 cm.g.doubleclick.net 25 redirects onetag-sys.com
u.openx.net
www.theguardian.com
googleads.g.doubleclick.net
25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
eb2.3lift.com
38 assets.guim.co.uk www.theguardian.com
assets.guim.co.uk
31 onetag-sys.com 4 redirects s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
onetag-sys.com
visitor.omnitagjs.com
21 pagead2.googlesyndication.com 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
assets.guim.co.uk
tpc.googlesyndication.com
www.googletagservices.com
21 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
onetag-sys.com
u.openx.net
ce.lijit.com
ads.pubmatic.com
www.theguardian.com
20 sync.go.sonobi.com 4 redirects s.amazon-adsystem.com
sync.go.sonobi.com
17 ib.adnxs.com 12 redirects assets.guim.co.uk
www.theguardian.com
googleads.g.doubleclick.net
eb2.3lift.com
15 visitor.omnitagjs.com 1 redirects assets.guim.co.uk
visitor.omnitagjs.com
onetag-sys.com
ssbsync.smartadserver.com
s.spotim.market
15 eb2.3lift.com 5 redirects s.amazon-adsystem.com
assets.guim.co.uk
eb2.3lift.com
s.spotim.market
14 pixel.rubiconproject.com 7 redirects onetag-sys.com
www.theguardian.com
14 image8.pubmatic.com 14 redirects elb.the-ozone-project.com
14 x.bidswitch.net 13 redirects ce.lijit.com
14 match.adsrvr.org 14 redirects
14 ophan.theguardian.com www.theguardian.com
13 sourcepoint.theguardian.com assets.guim.co.uk
sourcepoint.theguardian.com
12 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
12 www.google.com assets.guim.co.uk
www.theguardian.com
www.gstatic.com
www.google.com
25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 visitor-us-east-2.omnitagjs.com visitor.omnitagjs.com
hde.tynt.com
10 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
visitor.omnitagjs.com
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
9 simage2.pubmatic.com 6 redirects ads.pubmatic.com
9 ssc-cms.33across.com 9 redirects
9 match.prod.bidr.io 9 redirects
9 www.gstatic.com www.google.com
www.gstatic.com
8 pubmatic-match.dotomi.com 8 redirects
8 eus.rubiconproject.com cs-server-s2s.yellowblue.io
eus.rubiconproject.com
visitor.omnitagjs.com
hde.tynt.com
8 api.permutive.com assets.guim.co.uk
7 tpc.googlesyndication.com 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 ups.analytics.yahoo.com 7 redirects
7 elb.the-ozone-project.com assets.guim.co.uk
elb.the-ozone-project.com
7 pixel.adsafeprotected.com assets.guim.co.uk
7 securepubads.g.doubleclick.net assets.guim.co.uk
securepubads.g.doubleclick.net
www.googletagservices.com
6 image2.pubmatic.com 4 redirects s.amazon-adsystem.com
ads.pubmatic.com
6 cs.yellowblue.io cs-server-s2s.yellowblue.io
onetag-sys.com
www.theguardian.com
6 bh.contextweb.com 6 redirects
6 secure.adnxs.com 6 redirects
5 events-ssc.33across.com hde.tynt.com
visitor.omnitagjs.com
5 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
5 pixel.tapad.com 3 redirects s.amazon-adsystem.com
5 us-u.openx.net 2 redirects u.openx.net
5 c1.adform.net 5 redirects
5 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
5 ads.pubmatic.com s.amazon-adsystem.com
assets.guim.co.uk
hde.tynt.com
s.spotim.market
5 fonts.gstatic.com www.google.com
www.theguardian.com
5 googleads.g.doubleclick.net www.googleadservices.com
25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
5 contributions.guardianapis.com assets.guim.co.uk
www.theguardian.com
4 b1sync.zemanta.com 4 redirects
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
4 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
s.amazon-adsystem.com
4 secure-assets.rubiconproject.com 4 redirects
4 ads.stickyadstv.com 4 redirects
4 px.ads.linkedin.com 1 redirects sync.go.sonobi.com
www.theguardian.com
eb2.3lift.com
4 idsync.rlcdn.com 3 redirects
4 creativecdn.com 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 sb.scorecardresearch.com 2 redirects www.theguardian.com
3 dis.criteo.com 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 pixel-eu.rubiconproject.com 3 redirects
3 sync.1rx.io 3 redirects
3 dpm.demdex.net 1 redirects sync.go.sonobi.com
3 p.rfihub.com 3 redirects
3 ap.lijit.com 2 redirects visitor.omnitagjs.com
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
3 c.amazon-adsystem.com assets.guim.co.uk
3 i.guim.co.uk www.theguardian.com
2 33across-match.dotomi.com 2 redirects
2 pmp.mxptint.net 1 redirects
2 thrtle.com 1 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 image4.pubmatic.com visitor.omnitagjs.com
2 api.intentiq.com 1 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 rtb2-useast.e-volution.ai 2 redirects
2 cms.quantserve.com 1 redirects 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
2 s0.2mdn.net 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 www.googletagservices.com 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
2 static.criteo.net assets.guim.co.uk
2 sync.ipredictive.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 api.nextgen.guardianapps.co.uk assets.guim.co.uk
2 image6.pubmatic.com ads.pubmatic.com
2 cs.krushmedia.com 1 redirects ce.lijit.com
2 ums.acuityplatform.com 2 redirects
2 prebid-match.dotomi.com 2 redirects
2 ssbsync-global.smartadserver.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 sync.mathtag.com 2 redirects
2 ad.turn.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects visitor.omnitagjs.com
2 csync.loopme.me 2 redirects
2 match.sharethrough.com 1 redirects www.theguardian.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 apex.go.sonobi.com assets.guim.co.uk
2 hbopenbid.pubmatic.com assets.guim.co.uk
2 htlb.casalemedia.com assets.guim.co.uk
2 krk2.kargo.com assets.guim.co.uk
2 bidder.criteo.com assets.guim.co.uk
2 grid.bidswitch.net assets.guim.co.uk
2 tlx.3lift.com assets.guim.co.uk
2 aax.amazon-adsystem.com assets.guim.co.uk
2 analytics.twitter.com www.theguardian.com
2 t.co www.theguardian.com
2 cdn.brandmetrics.com assets.guim.co.uk
cdn.brandmetrics.com
2 cdn.permutive.com assets.guim.co.uk
2 cdn.confiant-integrations.net assets.guim.co.uk
cdn.confiant-integrations.net
2 www.google-analytics.com assets.guim.co.uk
2 www.theguardian.com assets.guim.co.uk
1 sync.spotim.market s.spotim.market
1 rtb.openx.net 1 redirects
1 rtb.adentifi.com
1 sync.bfmio.com
1 crb.kargo.com
1 match.deepintent.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 hde.tynt.com visitor.omnitagjs.com
1 de.tynt.com 1 redirects
1 s.spotim.market visitor.omnitagjs.com
1 id.rlcdn.com visitor.omnitagjs.com
1 bttrack.com 1 redirects
1 jadserve.postrelease.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 sync.adotmob.com 1 redirects
1 csync.smilewanted.com 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 static.cloudflareinsights.com elb.the-ozone-project.com
1 d.turn.com
1 js-sec.indexww.com assets.guim.co.uk
1 simage4.pubmatic.com ads.pubmatic.com
1 mug.criteo.com
1 dsp.adkernel.com 1 redirects
1 a.c.appier.net 1 redirects
1 gtrace.mediago.io 1 redirects
1 cs.chocolateplatform.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 hb.yahoo.net www.theguardian.com
1 prebid.a-mo.net www.theguardian.com
1 sync1.intentiq.com www.theguardian.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com www.theguardian.com
1 um.simpli.fi 1 redirects
1 us01.z.antigena.com s.amazon-adsystem.com
1 t.adx.opera.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 contextual.media.net cs-server-s2s.yellowblue.io
1 ads.yieldmo.com 1 redirects
1 pippio.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 ssbsync-us.smartadserver.com 1 redirects
1 pubads.g.doubleclick.net www.theguardian.com
1 hb-api.omnitagjs.com assets.guim.co.uk
1 at.teads.tv assets.guim.co.uk
1 collector.brandmetrics.com cdn.brandmetrics.com
1 d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co assets.guim.co.uk
1 stats.g.doubleclick.net assets.guim.co.uk
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.adsafeprotected.com assets.guim.co.uk
1 www.googleadservices.com assets.guim.co.uk
1 static.ads-twitter.com assets.guim.co.uk
1 a.teads.tv assets.guim.co.uk
0 sync.inmobi.com Failed elb.the-ozone-project.com
0 id5-sync.com Failed
0 ads.avct.cloud Failed
469 167
Subject Issuer Validity Valid
theguardian.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-14 -
2024-12-15		 a year crt.sh
ophan.theguardian.com
Amazon RSA 2048 M02		 2023-05-30 -
2024-06-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-01 -
2024-02-01		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2023-05-10 -
2024-06-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
the-ozone-project.com
E1		 2023-10-26 -
2024-01-24		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M03		 2023-12-20 -
2025-01-16		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-06		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh

This page contains 50 frames:

Primary Page: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Frame ID: 04833E8884EE8B91B31C16F14D52E95D
Requests: 163 HTTP requests in this frame

Frame: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=56bb201d-b827-4a68-80f1-7bb57b6acfe0&preload_message=true&hasCsp=true&version=v1
Frame ID: 32D8DECE46E61E7A92FBACBB3C634049
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc&co=aHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tOjQ0Mw..&hl=en&type=image&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=invisible&badge=bottomright&cb=qd1uxv7o9l64
Frame ID: F581ACF87A41DED796C7E635CA7245C9
Requests: 8 HTTP requests in this frame

Frame: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7E02C4C68D71EC641C8B81EFB2B6A708
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc
Frame ID: 8DF53D36A020C0D6610BC3C3814611EA
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Frame ID: A5C854D35A846FEAECF78C72610A07D6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: A81BB8AF27E1D66F4C6542A3D237D654
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: E8EE600E446B4DF63F9AF344D183AF72
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 3DE40331B26AC720ED4356F2E536273C
Requests: 12 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Frame ID: 2C5EA960A4D193D87D62CB4001E8A45B
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 7E05E8F9ACE5E98CE32934ED3E1EFFE7
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7567752064217675276&gdpr=0&gdpr_consent=
Frame ID: BCA59E59C46F754574FA55F11FCF3123
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5694220248042463684&ex=appnexus.com
Frame ID: FD4D6E1EE684887AAB187405AE7324DE
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 3860C8E26A87C8B733047DEC5CECFF9D
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: EB3580DE066B3092B08DE2B627D59D5E
Requests: 16 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2654045899593000745508
Frame ID: 19B37BAB545C5E9DA277F8144CC089DC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: 807F9C456F673893AD071EEA7E864444
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 11900E26B409F4597175E159C100246C
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&redir=true&gdpr=0&gdpr_consent=
Frame ID: A455CA228656F9D835AD98C0D11923C9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Frame ID: 4DCEA0A57F6D6B85D7D45360928B824D
Requests: 1 HTTP requests in this frame

Frame: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 485828B6644E60782392CD90D0B16F41
Requests: 17 HTTP requests in this frame

Frame: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 99AA9B0B0AC57A2989F9CD2C97D9EFD8
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYhP_m-wEwAQ&v=APEucNUs3UAQn-O5KB6_I5X9fRb8H1ZK7uyCpByt08ZbFaySS6tcp4Tic1sVNjsbRPbJ1hVo8qqxCmQmQqvklzWdmEtS86pydw
Frame ID: 5502C019736068A690530FE142748A50
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIY4YXn-wEwAQ&v=APEucNWmPD5JVKH73fVvEblAvkjKL2N0PRKDysOjvNiRa5XfottjMWn3OnXVXN5aGwIOIri6hjaQFgYjXbbIPP3MdfINEkRIAw
Frame ID: 05E91E0EDDC9B46E73FC3779FEA5213A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 70CC3043FD520F19286E29AAF816CEB5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 00C15DFD5FC09C43C445719D696E4F1A
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theguardian.com&us_privacy=1YNN
Frame ID: 1194ED49A3E87F11CB3FA2A80C8F9FB2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E10A8BEC9A9D4FE96A7F978138C9C91E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16721AC95FD9412B76000E29EF47B419
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Frame ID: C0BEEAC767B022E928D50AFB768F0A89
Requests: 12 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Frame ID: 092486107CB7C12354C9FB3A2E3543E6
Requests: 23 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: EB2840EB1EB77B5168049ECA63B0FFD4
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0A3761B1C50B4B27D8215481B2323369
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1703365859900&bidder=ozone
Frame ID: B67F15EA700F500DB9CA313977DB87D0
Requests: 7 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: 067E76D574DD743048EE14F60122EFCD
Requests: 2 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Frame ID: 9FAD0555D65DC547461B806D36A7E373
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 79B91B0010A5BA0E44A6BECB5E1CA325
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: B2262EB2DBB768B09943C50417E0468D
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: D4F1B676FD40CC15C684A69CE70CB998
Requests: 4 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 803335BC325B74042E3961F74543327F
Requests: 6 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3D%23PMUID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D6%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID
Frame ID: 700D86124254717CBFBA5ED98ED9D439
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABGyU7LDpoAABLqhLWj3g&gdpr=0&gdpr_consent=
Frame ID: DEA5FE776379AE4899291B7BB114B69F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXpwMk_u4fAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
Frame ID: 0CC708EA6BAFAB8CD8AEE346BD3C6527
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 02F8F9EEEDA66AFE69F9C7778DF06861
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYdM5wAJJDs0hgBd
Frame ID: 938BDCDBE56EB926B761D36B85723BB9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 8BC4D0D98F98ECB423D0D31A17CD63A1
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 55C69C1D8774D0E7B31FFBA40C383F1D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D95A32625EDA3DCE9%26sp%3D750078%26pb%3D612004%26c%3D649285%26a%3D644680%26domain%3Dvisitor.omnitagjs.com&gdpr=0&gdpr_consent={gdpr_consent}
Frame ID: 1C3A0BE43C2FE6876201B4D4C7A3C07D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D95A32625EDA3DCE9%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Frame ID: 0C1C5076E4C10AD0D237A20025F961F6
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=f751b669e81c5999&name=OPENWEB
Frame ID: 96A9B05FC6F0FC674B07D40726788334
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Many prehistoric handprints show a finger missing. What if this was not accidental? | Archaeology | The Guardian

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

469
Requests

65 %
HTTPS

25 %
IPv6

106
Domains

167
Subdomains

101
IPs

12
Countries

3313 kB
Transfer

9763 kB
Size

259
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 90
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703365858429&ns_c=UTF-8&cs_ucfr=1&comscorekw=Archaeology%2CHistory%2CScience%2CFrance%2CSpain%2CUK%20news%2CArt%2CPainting&c7=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&c8=Many%20prehistoric%20handprints%20show%20a%20finger%20missing.%20What%20if%20this%20was%20not%20accidental%3F%20%7C%20Archaeology%20%7C%20The%20Guardian&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703365858429&ns_c=UTF-8&cs_ucfr=1&comscorekw=Archaeology%2CHistory%2CScience%2CFrance%2CSpain%2CUK%20news%2CArt%2CPainting&c7=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&c8=Many%20prehistoric%20handprints%20show%20a%20finger%20missing.%20What%20if%20this%20was%20not%20accidental%3F%20%7C%20Archaeology%20%7C%20The%20Guardian&c9=
Request Chain 145
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Request Chain 157
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 160
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 161
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7567752064217675276&gdpr=0&gdpr_consent=
Request Chain 162
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5694220248042463684&ex=appnexus.com
Request Chain 163
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 165
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2654045899593000745508
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYdM4wBFfCm4F5_5eTt5igAADmMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIerEFwKIjEiBNTZvSPqx4I&google_cver=1
Request Chain 168
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=38340403-1dfe-4d47-97f7-199a6a56d90a&expiration=1705957859&gdpr=0&gdpr_consent=
Request Chain 169
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYdM4wBFfCm4F5-5eTt5igAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Request Chain 171
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5694220248042463684
Request Chain 172
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3104645389375357453&expiration=1704575459
Request Chain 174
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABGyU7LDpoAABLqhLWj3g&expiration=1704575459
Request Chain 176
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=44346e42-952c-4f1d-b0c0-0dc4ae970d46&google_hm=NDQzNDZlNDItOTUyYy00ZjFkLWIwYzAtMGRjNGFlOTcwZDQ2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB__9Vq3C8clc16RUZzmisw&google_cver=1&ssp=sonobi&bsw_param=44346e42-952c-4f1d-b0c0-0dc4ae970d46 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&gdpr=&gdpr_consent=&us_privacy=
Request Chain 177
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=38340403-1dfe-4d47-97f7-199a6a56d90a&pubid=91e92b73fd
Request Chain 178
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422413570171
Request Chain 179
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
Request Chain 180
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=87e35591-8df3-4747-abf4-1581f1cca478&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=SVFRS0JTUDJUemQzeG44Ym1zNEM3Zw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEM-q52BYpQguCfhoUja8tt8&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=ww5H7KZ7SmM1
Request Chain 181
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&pi=sonobi&tc=1
Request Chain 182
  • https://idsync.rlcdn.com/711892.gif?partner_uid=87e35591-8df3-4747-abf4-1581f1cca478 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDg3ZTM1NTkxLThkZjMtNDc0Ny1hYmY0LTE1ODFmMWNjYTQ3OBAAGg0I45mdrAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8e99a2e17ddf6509c7dc5d24af102d845b824e6a600035ab1a9aa221be875bf5791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8e99a2e17ddf6509c7dc5d24af102d845b824e6a600035ab1a9aa221be875bf5791426b5417dce21&rand=06440152 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8e99a2e17ddf6509c7dc5d24af102d845b824e6a600035ab1a9aa221be875bf5791426b5417dce21&rand=06440152&expected_cookie=5191f927-25df-4c75-a9f3-dcf6c954eaa7
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ODdlMzU1OTEtOGRmMy00NzQ3LWFiZjQtMTU4MWYxY2NhNDc4 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1
Request Chain 184
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=87e35591-8df3-4747-abf4-1581f1cca478 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=87e35591-8df3-4747-abf4-1581f1cca478
Request Chain 185
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5694220248042463684
Request Chain 186
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=2dfa34bc-acb5-4dde-8438-23483d48ac53&gdpr=0
Request Chain 187
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=87e35591-8df3-4747-abf4-1581f1cca478
Request Chain 188
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEQzNTMwM0EtRTFDRC00QjkwLTlENDktMDI2OTYzMDAwNkVD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Request Chain 189
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=84bea3be-9a6a-4ed4-82b4-70603c56785b&gdpr_consent=null&gdpr=0
Request Chain 190
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3z3NqxxffNx8Uzl2joWy&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 191
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=GH9Ulpybqdbq&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 193
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
Request Chain 194
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=44346e42-952c-4f1d-b0c0-0dc4ae970d46
Request Chain 195
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=4dc90496-aaa5-036c-1af1-7ff266bb3b39
Request Chain 196
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=7567752064217675276&gdpr=0&gdpr_consent=
Request Chain 197
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212299388733440
Request Chain 198
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1703365859984 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4571221288 HTTP 302
  • https://sync.1rx.io/usersync/turn/2665424737501304248?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005
Request Chain 199
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5694220248042463684&gdpr=0&gdpr_consent=
Request Chain 201
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 203
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=48916587-4ce4-4200-b3a7-bcaeeeed88be&gdpr=0&gdpr_consent=
Request Chain 204
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LQIK1XEQ-L-84ZE&gdpr=0
Request Chain 205
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5694220248042463684
Request Chain 206
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
Request Chain 208
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4be80e63-d844-4d0b-b9a9-886e700fcf8c
Request Chain 209
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
  • https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU6a719b07b6f445c4a5745c48eeb7cff5
Request Chain 210
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJiEWgfhG1N9e9gZp5bwRM3HQpJvwWkTAw
Request Chain 211
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=7567752064217675276
Request Chain 212
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=em_BmT7tuJFla--_km7yVxCUBdovDGouQvYjz__gSfY
Request Chain 213
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTI4Q0ExQTYtODIzMC00OEYzLUJBNzYtQzUzNzhBMEZBNDMw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPGqJYSDUS-DGbm6yvDiWXE&google_cver=1
Request Chain 215
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=qtldG2sKk1cf&ev=1&us_privacy=&pid=562985
Request Chain 216
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=707fb874b53711bb&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHE44MEr43zwNaLdYrAAAAAAA&expiration=1703452260
Request Chain 217
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-0h2gudZE2uFfH2EupW6_MYzNwD7jPwvIy4LDQz8-~A
Request Chain 218
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=95a0729e-2528-4d2b-83f2-20024fa7c1d5&gdpr=0&gdpr_consent=
Request Chain 219
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3104645389375357453&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&gdpr=&gdpr_consent=&us_privacy=
Request Chain 224
  • https://match.adsrvr.org/track/cmf/openx?oxid=a5c91800-7d4a-3e29-51b6-23604712ef7a&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=a5c91800-7d4a-3e29-51b6-23604712ef7a&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0b4fe10d-536f-4598-bca9-06a89b923b61&ttd_puid=a5c91800-7d4a-3e29-51b6-23604712ef7a&gdpr=0&gdpr_consent=
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE7DX7dEmW8MYRya5aloaNk&google_cver=1
Request Chain 228
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LQIK1XFL-J-GJDI&gdpr=0
Request Chain 229
  • https://ums.acuityplatform.com/tum?umid=27&uid=H3v2hPZHpRiHWZu3QaKVVlWe&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=868538562852
Request Chain 231
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-matching?id=3673&_fw_gdpr=0&_fw_gdpr_consent=[GDPR_CONSENT] HTTP 302
  • https://cs.krushmedia.com/4ac47ff1918c5163a9cce45544663444.gif?puid=[UID]&redir=[RED]&_fw_gdpr=0&_fw_gdpr_consent=%5BGDPR_CONSENT%5D
Request Chain 232
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=41de5bf8-d8bf-495b-b66a-9ed98b7a3087
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oWKt-bm7RVGDMme8veux0Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 246
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1c158477-681d-4934-afe1-16ac1db45bfb%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0b4fe10d-536f-4598-bca9-06a89b923b61&ttd_puid=1c158477-681d-4934-afe1-16ac1db45bfb%2C%2C
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTE2MkFERjktQjlCQi00NTUxLTgzMzItNjdCQ0JERUJCMUQx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDINY2uDARK5EzKscez5rY4&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Request Chain 251
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B0E86E2759B948DD8B2C3AF0A9CA22FF
Request Chain 252
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0b4fe10d-536f-4598-bca9-06a89b923b61&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Request Chain 260
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LQIK1X6U-1H-9UYC HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LQIK1X6U-1H-9UYC
Request Chain 263
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2UzMmNlN2E1OTBjYmNjZDkyOGNmYTg5YWMwZjEwZDMxOWU0ODMxYQ
Request Chain 264
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIK1X6U-1H-9UYC
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAvYeTklzxafLAuVEbVLGZQ&google_cver=1
Request Chain 266
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0b4fe10d-536f-4598-bca9-06a89b923b61&gdpr=0&gdpr_consent=&expires=30
Request Chain 267
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TfYyiRCMRLat2QsomQhisQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TfYyiRCMRLat2QsomQhisQ
Request Chain 268
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFJSzFYNlUtMUgtOVVZQw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBVcBp55ET6JzPpiwKlvV84&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJSzFYNlUtMUgtOVVZQw==&google_push=
Request Chain 269
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQIK1X6U-1H-9UYC&ex=d-rubiconproject.com&status=ok
Request Chain 271
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Z8gg_jK_6G8lP8sdHDSJKcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FNyr0mRE2oK01y8OnswOczq_UTXByhTQxzplpA--~A
Request Chain 272
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABGyU7LDpoAABLqhLWj3g&expires=30
Request Chain 273
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQIK1X6U-1H-9UYC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIK1X6U-1H-9UYC HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIK1X6U-1H-9UYC&ckls=true&ci=5YMxk933dQ&nc=false&trid=-95158702
Request Chain 274
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQIK1X6U-1H-9UYC
Request Chain 275
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIK1X6U-1H-9UYC
Request Chain 276
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQIK1X6U-1H-9UYC
Request Chain 277
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQIK1X6U-1H-9UYC&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQIK1X6U-1H-9UYC&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1MUXpoY3JSRTJ1R0VVZFRmX1NBeU9leEJZY0U4R2x3dn5B&ovsid=LQIK1X6U-1H-9UYC&dpid=58160
Request Chain 278
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=2d69c003-0441-4838-bfb1-76c558b7499b&expires=30
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Request Chain 295
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYdM4wBFfCm4F5-5eTt5igAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAXzG3-ANa-LWOCRFHk6akM&google_cver=1
Request Chain 297
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Request Chain 299
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYdM4wBFfCm4F5-5eTt5igAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAXzG3-ANa-LWOCRFHk6akM&google_cver=1
Request Chain 301
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D
Request Chain 323
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEC84G949iB702vMNMsOjJMU&google_cver=1&google_push=AXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hxg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hxg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC84G949iB702vMNMsOjJMU&google_cver=1&google_push=AXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hxg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hxg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 324
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENtw3scTEnaF0rqfVCE_s2U&google_cver=1&google_push=AXcoOmQ08FfEIKvq_flKNKCiQTGCkHLNzGqiGRLrnixX136g2IfUChGJeqkEpu8VMVjsQ9zj08rEolmFBw0NGceIvHCkrkmKnugq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=868538562852&us_privacy=1---
Request Chain 325
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHjjU3J_YKjQSjAL5QSU8RU&google_cver=1&google_push=AXcoOmQSZe0Wg2DApWFmrTNn8Ei4etGJCZEe7tNkaVUeHLyxa2CidhLUeAxQvqxgmwt8LdM7Vo9RDHRdoMrXe3K6eox1LgNE91UY HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEHjjU3J_YKjQSjAL5QSU8RU&google_push=AXcoOmQSZe0Wg2DApWFmrTNn8Ei4etGJCZEe7tNkaVUeHLyxa2CidhLUeAxQvqxgmwt8LdM7Vo9RDHRdoMrXe3K6eox1LgNE91UY&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQSZe0Wg2DApWFmrTNn8Ei4etGJCZEe7tNkaVUeHLyxa2CidhLUeAxQvqxgmwt8LdM7Vo9RDHRdoMrXe3K6eox1LgNE91UY&google_hm=aE5lMUR3UG9lakdUMTR5eGZXaWc=
Request Chain 326
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGVvxhf6Ty_a4qVCEjUxQOA&google_cver=1&google_push=AXcoOmT1m9knFa-UDi7ztktymiGk-QVKzKy8ogVWiVS0zuttV2MvKwYn0KW2uk3H43uxO8Om133phFQf-ZVLGTIbeYnPBpfRt1k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&google_push=AXcoOmT1m9knFa-UDi7ztktymiGk-QVKzKy8ogVWiVS0zuttV2MvKwYn0KW2uk3H43uxO8Om133phFQf-ZVLGTIbeYnPBpfRt1k
Request Chain 327
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT-djdg0a-HQcB3Iz-P4fTgcuUAEcuBiqvX3aaiNdN8PWNj6Uu5TkOo6GG__1uLm7lPeZaw7JFSulkidmXi1LiN95ZCs7c%26google_hm%3D%5BUID%5D&google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT-djdg0a-HQcB3Iz-P4fTgcuUAEcuBiqvX3aaiNdN8PWNj6Uu5TkOo6GG__1uLm7lPeZaw7JFSulkidmXi1LiN95ZCs7c&google_hm=87e35591-8df3-4747-abf4-1581f1cca478
Request Chain 328
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEMpbItYbF5oZu2jusAjkq40&google_cver=1&google_push=AXcoOmTU2YhBXr69lqIkXvZ81ZJfzJVXFzCQBfpEo1MnLpdVCJRCUqCjEOiLxMAaoDF_ZBRWM7ku9covXBV96ZotbMYyHvaNsKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmTU2YhBXr69lqIkXvZ81ZJfzJVXFzCQBfpEo1MnLpdVCJRCUqCjEOiLxMAaoDF_ZBRWM7ku9covXBV96ZotbMYyHvaNsKI
Request Chain 329
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEH-rg_zIoaHQyRo32_V3AbY&google_cver=1&google_push=AXcoOmR0nNFvhESFKHEg2nAAd6l-GFTDwTR4fCgXORRJlGlMvIfuhIIm0nBqteTjxac8t880TCOh1AxtIv8EVTHz2wclo6NYO8J4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR0nNFvhESFKHEg2nAAd6l-GFTDwTR4fCgXORRJlGlMvIfuhIIm0nBqteTjxac8t880TCOh1AxtIv8EVTHz2wclo6NYO8J4&google_hm=f5ef61caad3321292qdpuk00lqik1ypn
Request Chain 333
  • https://a.c.appier.net/gcm?google_gid=CAESELfANzRFekn2vjbCdHleafs&google_cver=1&google_push=AXcoOmTTDiVsgAJc88Fizloc4MM3ou7eWsC2mlS5erjjPw33D-YTydsWK7Nvloy49_310TP0q5OPloEu-tgESs983ISihPArR5TW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=azFEeUh1REVDaDZaSmpXTDVreUhaUQ%3D%3D&google_push=AXcoOmTTDiVsgAJc88Fizloc4MM3ou7eWsC2mlS5erjjPw33D-YTydsWK7Nvloy49_310TP0q5OPloEu-tgESs983ISihPArR5TW
Request Chain 334
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmR3fd5MvnBdEb9cDNywNqom3S8UE_-oD1lv7JGuFckfCChC3aWFk-01YreCxi0TcmpAQe1L7lCXFNM2uPFjw6JfJazEvsb-oQ%26google_hm%3D%5BUID%5D&google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmR3fd5MvnBdEb9cDNywNqom3S8UE_-oD1lv7JGuFckfCChC3aWFk-01YreCxi0TcmpAQe1L7lCXFNM2uPFjw6JfJazEvsb-oQ&google_hm=87e35591-8df3-4747-abf4-1581f1cca478
Request Chain 335
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJa13YyWx5naGi9TP0jDqrU&google_cver=1&google_push=AXcoOmTKxRzYHXSAvOd2DXvWcPzgN0_pFczwy_v-tKf2GM5nAraYHREO-2v_SxOvkgGqU4DiIgLp6uUF0v0rhbc0Y8IKuUsjf1cdHQ HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJa13YyWx5naGi9TP0jDqrU%26google_cver%3D1%26google_push%3DAXcoOmTKxRzYHXSAvOd2DXvWcPzgN0_pFczwy_v-tKf2GM5nAraYHREO-2v_SxOvkgGqU4DiIgLp6uUF0v0rhbc0Y8IKuUsjf1cdHQ HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6508938693885992533&exchange=193&google_gid=CAESEJa13YyWx5naGi9TP0jDqrU&google_cver=1&google_push=AXcoOmTKxRzYHXSAvOd2DXvWcPzgN0_pFczwy_v-tKf2GM5nAraYHREO-2v_SxOvkgGqU4DiIgLp6uUF0v0rhbc0Y8IKuUsjf1cdHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY1MDg5Mzg2OTM4ODU5OTI1MzM&google_push=AXcoOmTKxRzYHXSAvOd2DXvWcPzgN0_pFczwy_v-tKf2GM5nAraYHREO-2v_SxOvkgGqU4DiIgLp6uUF0v0rhbc0Y8IKuUsjf1cdHQ
Request Chain 336
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECcx1OXM76glDvNnwPnUoys&google_cver=1&google_push=AXcoOmQzFRax0LDLDJPwF7mcHlShWWmmEl6bIKUxO1bOttstXx72tb_DVDHF0jGR6LfctoznjK12KFOTaghDx50h5bJH-CLHtws_BQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Qd5b-Ni_SVu2ap7Zi3owhw==&no_redirect=1&google_push=AXcoOmQzFRax0LDLDJPwF7mcHlShWWmmEl6bIKUxO1bOttstXx72tb_DVDHF0jGR6LfctoznjK12KFOTaghDx50h5bJH-CLHtws_BQ
Request Chain 337
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPGqJYSDUS-DGbm6yvDiWXE&google_cver=1&google_push=AXcoOmS1OMSUIKw0C2KhN0PvB8baB1YGXEkGkVDj7vGfAxA-xl5VjG86VTpVRjxYT6DubkiEILWdlK6ncz52DjRq8JfVd5gbpLloNuw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJiEYarQ2qT7-r8ltc16XD2aBEs_rjWMgg&google_push=AXcoOmS1OMSUIKw0C2KhN0PvB8baB1YGXEkGkVDj7vGfAxA-xl5VjG86VTpVRjxYT6DubkiEILWdlK6ncz52DjRq8JfVd5gbpLloNuw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 338
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELx0HP_bvTefHVicdX8FStc&google_cver=1&google_push=AXcoOmRZBoTT-vA-YS3dAQvsO8bkKwfsW0f1tgYAlNO0vVmIiRQzMZQzJdn5oq4LtXrOHxWMSk0KsF2jcoI29Wj-uaQp6ScZFgUdiMU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D&google_gid=CAESELx0HP_bvTefHVicdX8FStc&google_cver=1&google_push=AXcoOmRZBoTT-vA-YS3dAQvsO8bkKwfsW0f1tgYAlNO0vVmIiRQzMZQzJdn5oq4LtXrOHxWMSk0KsF2jcoI29Wj-uaQp6ScZFgUdiMU
Request Chain 345
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theguardian.com&sn=ChromeSyncframe&so=0&topUrl=www.theguardian.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=SMmLJnxrMmFaQXJnR0hPNnp6ZUozNTE1dVBjaXdIdEZsUFl1OGhDaVhOVzFJczl5Uzk2bncyV0hNOUJUYnQ4aVhPZGI2N2FSSFQ2Z0tkWmo3Qm9EQVlCUDlQM2p2aEpwa244RXNjenpMMEFlNVV1aHJRY0c5Q3FhQTFtQ3BZOUZWN0h5MnZFUnNXNlpSM3F6QmZmT3BrYVFEcDBUYmxHUTV0ZkxXNzBjQ0orN0ZjOEhmSFpVWkYxS2RDQnU2S3dEMEM2WXZlbmhIWkoyTVFlNlFySU1vU3FzTnIrdmZDUHVKT25LZ04vMjNuSkdlSTkzdGlBeXlQdGpFMkg5Q2E3ZkJ4OW93MllYZGFNTHNoV0NQQlFYR21jZzlUck4wMHFvQWJmY1NzOHRQNitBZ1FzUT18&cppv=2
Request Chain 364
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=87e35591-8df3-4747-abf4-1581f1cca478&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=ww5H7KZ7SmM1
Request Chain 365
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi
Request Chain 366
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422413570171
Request Chain 368
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=d089631d2d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=0b4fe10d-536f-4598-bca9-06a89b923b61&pubid=d089631d2d
Request Chain 369
  • https://idsync.rlcdn.com/711892.gif?partner_uid=87e35591-8df3-4747-abf4-1581f1cca478 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f00f6766-b00d-0849-0ecf-a3937e898ea2
Request Chain 370
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
Request Chain 371
  • https://id5-sync.com/s/434/9.gif?puid=87e35591-8df3-4747-abf4-1581f1cca478&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=87e35591-8df3-4747-abf4-1581f1cca478&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/2/8/2.gif?puid=5694220248042463684&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/7/3.gif?puid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/6/4.gif?puid=1c158477-681d-4934-afe1-16ac1db45bfb&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/5/5.gif?puid=u_2ab4177e-d807-4346-93e3-b095ac6c1218&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-07eeua3dzC7RunV9uA7F-YbLnO_uw_R1-n1azfNpIQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F4%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-07eeua3dzC7RunV9uA7F-YbLnO_uw_R1-n1azfNpIQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F4%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/124/4/6.gif?puid=fa2e2bb8-ddc7-4adf-9eda-4dda7fb9c513&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F3%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/3/7.gif?puid=d5062a18-833c-466f-857e-c319d2db3aba&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5694220248042463684&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1246/2/8.gif?puid=H3v2hPZHpRiHWZu3QaKVVlWe&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AABGyU7LDpoAABLqhLWj3g&id5AccountNum=155&numCascadesAllowed=9
Request Chain 374
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5694220248042463684
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ODdlMzU1OTEtOGRmMy00NzQ3LWFiZjQtMTU4MWYxY2NhNDc4 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1
Request Chain 377
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=87e35591-8df3-4747-abf4-1581f1cca478 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D1c158477-681d-4934-afe1-16ac1db45bfb%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5694220248042463684&pt=1c158477-681d-4934-afe1-16ac1db45bfb%2C%2C
Request Chain 378
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=87e35591-8df3-4747-abf4-1581f1cca478 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%26rnd%3D-1971223972&pcid=$UID HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=-1971223972&pcid=5694220248042463684
Request Chain 379
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&pi=sonobi
Request Chain 380
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0b4fe10d-536f-4598-bca9-06a89b923b61&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 381
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1NDA0NTg5OTU5MzAwMDc0NTUwOA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFshQh4RMHkYF3uzZll4mKc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 383
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1NDA0NTg5OTU5MzAwMDc0NTUwOA%3D%3D
Request Chain 385
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2654045899593000745508?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-0aNQVQpE2oSVcs1EbksvsoHnTmt8m_eTPxhsRp9iXg--~A&dongle=0883
Request Chain 386
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2654045899593000745508&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3104645389375357453&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 387
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=d5062a18-833c-466f-857e-c319d2db3aba&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 388
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5694220248042463684&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 392
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5694220248042463684&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 393
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5694220248042463684&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 394
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%26name%3DCRITEO%26visitor%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=d5062a18-833c-466f-857e-c319d2db3aba
Request Chain 395
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Request Chain 397
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3104645389375357453&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=44346e42-952c-4f1d-b0c0-0dc4ae970d46&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 398
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AABGyU7LDpoAABLqhLWj3g&name=BEESWAX
Request Chain 399
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=0b4fe10d-536f-4598-bca9-06a89b923b61&name=THE_TRADE_DESK
Request Chain 400
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=dd6356acd31e2554e5ebdf80ec405191&gdpr=0&gdpr_consent=
Request Chain 401
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hNe1DwPoejGT14yxfWig&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 402
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=84bea3be-9a6a-4ed4-82b4-70603c56785b%20&gdpr_consent=null&gdpr=0
Request Chain 403
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-crT7aatE2uVShnIhvU2o2ilpt.SrKwY-~A&gdpr=0
Request Chain 404
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=hNe1DwPoejGT14yxfWig&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 405
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09f32204003d5f7a61d61315&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 406
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0a85bc50-c7c1-5123-545e-ff63a719c296$ip$96.9.249.40&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 408
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent=&crf=1&rts=-5382237576284782697 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=f98a3f26-60c3-5366-bc0c-dd3cd98b91db&name=BETWEENX&gdpr=0&gdpr_consent=
Request Chain 409
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=5e8c4e84234d42378ed8c3dc5e8a15cf&gdpr=0&gdpr_consent=
Request Chain 411
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=20560212-405c-4749-873a-fe6447306cc7&gdpr=0&gdpr_consent=
Request Chain 412
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=f6556201-e2bb-4950-b3c4-8bf0b005c3c0&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 415
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Request Chain 416
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 418
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 420
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5694220248042463684&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2622585069 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0b4fe10d-536f-4598-bca9-06a89b923b61 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D3%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=317&uid=7567752064217675276&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D4%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=3463674596634439000V10&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D5%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=H3v2hPZHpRiHWZu3QaKVVlWe&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=5&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3D%23PMUID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D6%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID
Request Chain 422
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=48916587-4ce4-4200-b3a7-bcaeeeed88be&gdpr=0&gdpr_consent=
Request Chain 423
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5694220248042463684
Request Chain 424
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
Request Chain 426
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4be80e63-d844-4d0b-b9a9-886e700fcf8c
Request Chain 427
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=7567752064217675276
Request Chain 428
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=fIMWacYKgrFEqBAgzEFJr-ejJPoBFE1KPBvBonKw3m8
Request Chain 430
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCR3lVN0xEcG9BQUJMcWhMV2ozZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABGyU7LDpoAABLqhLWj3g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABGyU7LDpoAABLqhLWj3g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABGyU7LDpoAABLqhLWj3g&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABGyU7LDpoAABLqhLWj3g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7567752064217675276&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABGyU7LDpoAABLqhLWj3g&gdpr=0&gdpr_consent=
Request Chain 431
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5694220248042463684&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=64502748375613eb&is_secure=true&networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXpwMk_u4fAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 433
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYdM5wAJJDs0hgBd
Request Chain 434
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&vxii_pid=12&vxii_pid1=10067&vxii_rcid=82460003-48cb-4c49-a65e-994e0c3969c3
Request Chain 438
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-crT7aatE2uVShnIhvU2o2ilpt.SrKwY-~A&gdpr=0
Request Chain 439
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=16165cd0ff66116c&is_secure=true&networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXpANbD26VAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
Request Chain 440
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2d69c003-0441-4838-bfb1-76c558b7499b&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3ed06aec411b0fbd&is_secure=true&networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHapiq2uSApQMmSwwNAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 441
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10E294661_642F5A8D&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 443
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2665424737501304248&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5676a4b266791062&is_secure=true&networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXqANXRF6aAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 446
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=e78622b7a2bbf1fc0ef9c6f517055de7&gdpr=0&gdpr_consent=0
Request Chain 447
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d5062a18-833c-466f-857e-c319d2db3aba&gdpr=0&gdpr_consent=
Request Chain 448
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5694220248042463684&gdpr=0&gdpr_consent=
Request Chain 449
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=tYLedLfUg3au09Eg5tHLdrXThXuu1d8ntYY8-YBf
Request Chain 451
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 452
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1703365863199.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 453
  • https://ssc-cms.33across.com/ps/?_=1703365863199.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212299388733440&gdpr=0&gdpr_consent=
Request Chain 454
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=978477422413570171&expires=30&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=44346e42-952c-4f1d-b0c0-0dc4ae970d46 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=44346e42-952c-4f1d-b0c0-0dc4ae970d46&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 455
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-HWjW.JJE2uEOmVnXJldlEjrtGyMLaAdw~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-HWjW.JJE2uEOmVnXJldlEjrtGyMLaAdw%7EA&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 456
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=18cbda428242116c&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAF0gjGvVXNrwMFtNlgAAAAAAA&expiration=1703452263&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF0gjGvVXNrwMFtNlgAAAAAAA&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 457
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2654045899593000745508 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2654045899593000745508&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 461
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D%26traffic_source%3Dsnippet%26session%3D95A32625EDA3DCE9%26sp%3D750078%26pb%3D612004%26c%3D656033%26a%3D482928%26domain%3Dvisitor.omnitagjs.com HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=9c1797cf-c4d5-0dc0-3a3a-e375c6492df7&traffic_source=snippet&session=95A32625EDA3DCE9&sp=750078&pb=612004&c=656033&a=482928&domain=visitor.omnitagjs.com
Request Chain 465
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQIK1X6U-1H-9UYC HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQIK1X6U-1H-9UYC&name=RUBICON&gdpr=0
Request Chain 468
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LQIK1X6U-1H-9UYC HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQIK1X6U-1H-9UYC HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIK1X6U-1H-9UYC&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 469
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=&loc=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[UID] HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=87e35591-8df3-4747-abf4-1581f1cca478
Request Chain 470
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2654045899593000745508
Request Chain 471
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H3v2hPZHpRiHWZu3QaKVVlWe

469 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request prehistoric-handprints-finger-missing-ritually-removed
www.theguardian.com/science/2023/dec/23/ 		305 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
871f125c3d4e5a29d2878c24950916d7b30e04fbc5d348e05eeb8ada3b13e03e
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
23
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private,no-transform
content-encoding
gzip
content-length
51371
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 21:10:57 GMT
etag
W/"hash-7700147910551889333"
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
link
<https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true>; rel=prefetch,<https://assets.guim.co.uk/assets/frameworks.web.1e1b8f86e0acbcfc8ce2.js?http3=true>; rel=prefetch,<https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true>; rel=prefetch,<https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true>; rel=prefetch,,<https://assets.guim.co.uk/>; rel=preconnect,<https://i.guim.co.uk>; rel=preconnect,<https://j.ophan.co.uk>; rel=preconnect,<https://ophan.theguardian.com>; rel=preconnect,<https://api.nextgen.guardianapps.co.uk>; rel=preconnect,<https://hits-secure.theguardian.com>; rel=preconnect,<https://interactive.guim.co.uk>; rel=preconnect,<https://phar.gu-web.net>; rel=preconnect,<https://static.theguardian.com>; rel=preconnect,<https://support.theguardian.com>; rel=preconnect
onion-location
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=()
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-gu-dotcomponents
true
x-gu-edition
us
x-gu-frontend-git-commit-id
04fe268426eba234962a32b98c6cf614d2dc92a2
x-timer
S1703365858.631243,VS0,VE2
x-xss-protection
1; mode=block
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		0
967 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish
age
370708
detected-user-agent
Chrome Mobile WebView/120.0.6099
x-cache
MISS
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
server-timing
HIT, fastly;desc="Edge time";dur=1
content-length
156
x-served-by
cache-ewr18136-EWR
referrer-policy
origin-when-cross-origin
x-timer
S1703365858.676784,VS0,VE72
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
frameworks.web.1e1b8f86e0acbcfc8ce2.js
assets.guim.co.uk/assets/ 		0
21 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/frameworks.web.1e1b8f86e0acbcfc8ce2.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
zgtLpIsl_UdrXp61Ho2_XA2jXw0M52VB
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
QG29MSCMEB7VSZD5
age
714646
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/frameworks.web.1e1b8f86e0acbcfc8ce2.js?http3=true
fastly-restarts
1
x-amz-id-2
5hAxU/bNcC+SvZ8qBxSyRe1Ayj4nj6fqnKQwSfVA5mlvHFtUFLaes3MtMDQ309UmVqAs5Ro3xxw=
x-served-by
cache-ewr18136-EWR
content-length
20775
last-modified
Fri, 15 Dec 2023 14:37:55 GMT
server
AmazonS3
x-timer
S1703365858.676210,VS0,VE0
etag
"040217a95e79c78196d4919397ccfe0e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
7058
index.web.04b987504baf7946a850.js
assets.guim.co.uk/assets/ 		0
45 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
uw6FocdS.rTy_sxqVQSDYW88sp12BFhR
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
Q6FYZFWWMMMBD1ZH
age
182201
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/index.web.04b987504baf7946a850.js?http3=true
fastly-restarts
1
x-amz-id-2
HhgcBqgTFRW0wrrbwA4mUP3m0se3z8yJjdeYB27RkraumgV8c8eJ72rG0RfNSvUng+SPxlhdiSM=
x-served-by
cache-ewr18136-EWR
content-length
45456
last-modified
Thu, 21 Dec 2023 18:32:14 GMT
server
AmazonS3
x-timer
S1703365858.763584,VS0,VE0
etag
"1f65dea36a3b5c62a2806550cbc82797"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1681
graun.standalone.commercial.js
assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/ 		0
80 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
1kjLoRyV5AhffR8Lq6mXkKyRurkdQvVk
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
KHX8V7X4G0GFQ2N6
age
358461
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
fastly-restarts
1
x-amz-id-2
BF/6bWikLRenjM5+WQU73NpVxj3OhkXGTq3m1BYNgol4m6hEVrUC+AVGCVP9Bh4Rmsj0HtQSUrI=
x-served-by
cache-ewr18136-EWR
content-length
81378
last-modified
Tue, 19 Dec 2023 17:32:23 GMT
server
AmazonS3
x-timer
S1703365858.763568,VS0,VE0
etag
"c19a0adbe0814bc05256986a1e26bbf4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3424
GHGuardianHeadline-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
cZB.5DOXNYvF_6or5.utmjVZGw4SnT9B
date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
TQBBR2H1EKHPDA4P
age
3417725
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2?http3=true
fastly-restarts
1
x-amz-id-2
9b2eMyIB1dK1m++LPOuaIiizaKvCuUubnY/fHrVFMxLIeM+VABLtAjnpaQPuafhpMCYTgyiZQU8=
x-served-by
cache-nyc-kteb1890029-NYC
content-length
16492
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1703365858.738099,VS0,VE0
etag
"f5d54732577509c40f5a5a47f47aeab5"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
14243
GuardianTextEgyptian-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
NppmnaNT0.flIJWpyurLSQmcrEPnbJ4q
date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
8VR7SJZ9AYBQC63F
age
3409995
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2?http3=true
fastly-restarts
1
x-amz-id-2
P9B4bqVFpKWUunZ3M927ulostAfIWzvWiPMb3FNLvaBFLTf72VEgoSXJjMUvrcmDzHyBg6h4VGs=
x-served-by
cache-nyc-kteb1890029-NYC
content-length
16792
last-modified
Fri, 10 Feb 2023 15:45:04 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1703365858.738077,VS0,VE0
etag
"66184690aa8f829b88f8d7b855ec63fd"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
13766
polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 		168 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d98a90c5ca673bc086842e5cd3189cd2bbd9915b82b2f64fbd5211e9b0d6d79b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish
age
370708
detected-user-agent
Chrome Mobile WebView/120.0.6099
x-cache
HIT
x-gu-debug-url
/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
server-timing
HIT, fastly;desc="Edge time";dur=1
content-length
156
x-served-by
cache-ewr18136-EWR
referrer-policy
origin-when-cross-origin
x-timer
S1703365858.714441,VS0,VE34
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
frameworks.web.1e1b8f86e0acbcfc8ce2.js
assets.guim.co.uk/assets/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/frameworks.web.1e1b8f86e0acbcfc8ce2.js?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32f438381dd6278628cf724f4090bf83bdc43aa5ba0754f490fc50eadeffbe13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
zgtLpIsl_UdrXp61Ho2_XA2jXw0M52VB
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
WJTVMV4PG3XK71BJ
age
714680
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/frameworks.web.1e1b8f86e0acbcfc8ce2.js?http3=true
fastly-restarts
1
x-amz-id-2
/W16b8H4PJJcsYJbBdQoUmwKYVNGlgWyszeagVbUrCxt9gGPIqJNgHBcQYT/HSsp7NepzP1T0sUeNP/oUH1UMQ==
x-served-by
cache-nyc-kteb1890029-NYC
content-length
20775
last-modified
Fri, 15 Dec 2023 14:37:55 GMT
server
AmazonS3
x-timer
S1703365858.763183,VS0,VE0
etag
"040217a95e79c78196d4919397ccfe0e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
7084
index.web.04b987504baf7946a850.js
assets.guim.co.uk/assets/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f10c2e3a5b5d8876b6474e6e81f092e6713a7089b308eca70268c191497717d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
uw6FocdS.rTy_sxqVQSDYW88sp12BFhR
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
QRCW3NWB5K2GYRXZ
age
182166
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/index.web.04b987504baf7946a850.js?http3=true
fastly-restarts
1
x-amz-id-2
uNSmNqocueuHqArict0VWSRhpy41EPSKWpQXyuVbuAQF0hAKg5Z7O2bkMihC/NHOGtHUpjI41rw=
x-served-by
cache-nyc-kteb1890029-NYC
content-length
45456
last-modified
Thu, 21 Dec 2023 18:32:14 GMT
server
AmazonS3
x-timer
S1703365858.738046,VS0,VE0
etag
"1f65dea36a3b5c62a2806550cbc82797"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1935
graun.standalone.commercial.js
assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/ 		260 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c0c8598647429054a819dfe73f0ebecb407d9fb64c856a40afee0273e8366d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
1kjLoRyV5AhffR8Lq6mXkKyRurkdQvVk
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
KHX8V7X4G0GFQ2N6
age
358461
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
fastly-restarts
1
x-amz-id-2
BF/6bWikLRenjM5+WQU73NpVxj3OhkXGTq3m1BYNgol4m6hEVrUC+AVGCVP9Bh4Rmsj0HtQSUrI=
x-served-by
cache-ewr18136-EWR
content-length
81378
last-modified
Tue, 19 Dec 2023 17:32:23 GMT
server
AmazonS3
x-timer
S1703365858.763198,VS0,VE0
etag
"c19a0adbe0814bc05256986a1e26bbf4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3423
print.css
assets.guim.co.uk/static/frontend/css/ 		81 B
443 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/css/print.css
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da22a2e4326e5cc0595a7e7cb5ebd68492896f1660e1ee116e3af32ad6aeccce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
BTP4rKBVDJL5eVvkGlxpJ6d6pXeQWqid
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
FW85HRM2PQT0W2ND
age
80217067
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/css/print.css
fastly-restarts
1
x-amz-id-2
4lD4sAgCFKhnDAucjEYgUL4TIU7Bt0rQMBQsWdsB0Dx3x1mlkdV+oLHmYd9TirnnRyPg8ZsAxNo=
x-served-by
cache-ewr18136-EWR
content-length
91
last-modified
Mon, 07 Jun 2021 16:07:15 GMT
server
AmazonS3
x-timer
S1703365858.763610,VS0,VE0
etag
"db34472656eebc5c36590124014292c0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
20376
3728.jpg
i.guim.co.uk/img/media/b0ec3867db424e8e9112239d87ace69807d32501/0_175_3728_2237/master/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/b0ec3867db424e8e9112239d87ace69807d32501/0_175_3728_2237/master/3728.jpg?width=620&dpr=1&s=none
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f148a668e19761c9791bdd2fbae552b72f4001a9822b393c39fe39c4467248

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img04-europe-west2
age
18619
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=3218768 idim=3728x2237 ifmt=jpeg ofsz=46985 odim=620x372 ofmt=avif
fastly-stats
io=1
x-amz-meta-bounds-y
175
content-length
46985
x-served-by
cache-lcy-eglc8600045-LCY, cache-ewr18136-EWR
server
AmazonS3
x-timer
S1703365858.731136,VS0,VE4
etag
"O2gPBlID5zvR9eD313Nc3+IhEP0fJ7/lpydFXfgijqU"
x-amz-meta-bounds-height
2237
x-amz-meta-bounds-width
3728
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
2, 1
Robin_McKie.png
i.guim.co.uk/img/uploads/2023/05/15/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/uploads/2023/05/15/Robin_McKie.png?width=140&dpr=1&s=none
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
860ad3ee5c468defdf11c4d0a397decfbac4fe8d2128681f5ea03b591e6c7c05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img02-europe-west2
age
1573561
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=537991 idim=720x600 ifmt=png ofsz=3133 odim=140x117 ofmt=avif
fastly-stats
io=1
content-length
3133
x-served-by
cache-lcy-eglc8600077-LCY, cache-ewr18136-EWR
server
AmazonS3
x-timer
S1703365858.730920,VS0,VE1
etag
"5iLJ7V/k+jHh0Ztex58Th7YvyJzUOnRHV8imEstEFHk"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.theguardian.com
x-cache-hits
767, 1
GuardianTextSans-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
tKKp.XjpprpAViNnE3ezgGnqSJ6ReAZm
date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
CHG1K0EJNY0HC5G0
age
1606950
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2?http3=true
fastly-restarts
1
x-amz-id-2
fHooCdlPSQbQkpDKOEXdUbkuxefcNRGgeh+8S1iikKR9DTvzw1etQ79cTleLroE8u/PaqHuYDvc=
x-served-by
cache-nyc-kteb1890029-NYC
content-length
15416
last-modified
Fri, 10 Feb 2023 15:45:12 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1703365858.737458,VS0,VE0
etag
"5c9af23772b65de0d3f1fb8638c196b4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
14182
GuardianTextSans-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Msu4H0RN5fNTmFpmsaDu.cipueaXmWBh
date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
DVHY0WXKTQ7MCSDX
age
4541544
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2?http3=true
fastly-restarts
1
x-amz-id-2
dqb19FW3nUsK90LdlmtbzwYlxeCxEix12N9m8yTwoQOzyO9thcPRyBt3tXe9RnbAJYVShbxxpaM=
x-served-by
cache-nyc-kteb1890029-NYC
content-length
17376
last-modified
Fri, 10 Feb 2023 15:45:11 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1703365858.738394,VS0,VE0
etag
"227b6e4f26bef19d8f2815f6097b7b7c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
14175
GHGuardianHeadline-Light.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
tM62LOrdLaMKn7SwsykFpyDsGOAwuAG3
date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
PN1XXAXKVBNQXMRM
age
2108300
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2?http3=true
fastly-restarts
1
x-amz-id-2
KPQ9QD+kXKJ1QJUyxd09ZYyfO7vTkkc2EIyo6dun2AyQAF9tRn641hRti+h1OaomstU8gX/elSQ=
x-served-by
cache-nyc-kteb1890029-NYC
content-length
15764
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1703365858.738161,VS0,VE0
etag
"5acde69d26abfad0f3ef938733057577"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1590
GHGuardianHeadline-Medium.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
HHIQ3WeGDwVAN5VSRXOfuICG.s7kCaes
date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
QPS6MKKY63T57YNQ
age
3941037
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2?http3=true
fastly-restarts
1
x-amz-id-2
qlVJLJLjc1PCP/71RIS31SXWpIa+yu2mScJubOTo1YhLlrwhtOskN22YjwxKFWuEVz3xXDajAGk=
x-served-by
cache-nyc-kteb1890029-NYC
content-length
16612
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1703365858.738161,VS0,VE0
etag
"08f5422d28aa5861fac0170cef914db8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
13539
GHGuardianHeadline-MediumItalic.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2?http3=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.theguardian.com/
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
aOcyf0Rw_c_KHyqgDfMRZ62nHs_3ToNn
date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
GR8VT5914CGCFRWY
age
2023350
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2?http3=true
fastly-restarts
1
x-amz-id-2
lgTg0fdzPIoKg7Ph7jGCsYw52LYcs4noxmOYiaMAPBPb8RCx9Yls8pTXGtlbDPLs/QdFevl5Ixs=
x-served-by
cache-nyc-kteb1890029-NYC
content-length
19052
last-modified
Fri, 10 Feb 2023 15:45:10 GMT
server
AmazonS3
x-fonts-legal-notice
The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer
S1703365858.738065,VS0,VE0
etag
"f1117595ec5a2cf9f3a9834f42e5fd08"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
12828
3416.jpg
i.guim.co.uk/img/media/db6126d8fc6748d7239de7963e3673fa653b4189/0_427_3416_4267/master/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/db6126d8fc6748d7239de7963e3673fa653b4189/0_427_3416_4267/master/3416.jpg?width=380&dpr=1&s=none
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06f797c234233200a56b848ede38034c1967c6fce64287804301b332f5969c57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img04-europe-west2
age
18599
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=10556625 idim=3416x4267 ifmt=jpeg ofsz=44086 odim=380x475 ofmt=avif
fastly-stats
io=1
x-amz-meta-bounds-y
427
content-length
44086
x-served-by
cache-lcy-eglc8600021-LCY, cache-ewr18136-EWR
server
AmazonS3
x-timer
S1703365858.767861,VS0,VE1
etag
"dB0nUYxYx3cG7zzuOR1yfDSQus+1MEQNv8XPI3jXfsA"
x-amz-meta-bounds-height
4267
x-amz-meta-bounds-width
3416
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
4:5
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
65, 2
1659.web.1f70a3e54e71efe01ee2.js
assets.guim.co.uk/assets/ 		839 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/1659.web.1f70a3e54e71efe01ee2.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7df2a80425f1f1fcbfcfa5f127fe17c548a8fbdc079bcdadcae97f1840b44463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
TXAGwUZy45EwGthWFRS3oEXYltf3yXR0
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
RZ2YSGA3K4F57X8Z
age
5557924
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/1659.web.1f70a3e54e71efe01ee2.js
fastly-restarts
1
x-amz-id-2
tSZ/dt2q5zaOr9EC1v/I8oEh7CpcbZq4rngu/WhOU4vbl1JWBF6UXIJ0dv8DCAwj+DCq/S4Bn4M=
x-served-by
cache-ewr18136-EWR
content-length
518
last-modified
Fri, 20 Oct 2023 13:15:17 GMT
server
AmazonS3
x-timer
S1703365858.851264,VS0,VE0
etag
"278a9b57f3fc83ee8205fdc3c1a1849a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
19982
480.web.c06e7950b689def5ec3d.js
assets.guim.co.uk/assets/ 		843 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/480.web.c06e7950b689def5ec3d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a9e922e1bd8eaf0540e82944501086d2a843c5b52b42a83d15f28f10dacc561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
7c7XO.4umQPhCFoQb.AFf8Qa8dwr36qs
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
1AVG5A5HTV4EWPCT
age
5558026
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/480.web.c06e7950b689def5ec3d.js
fastly-restarts
1
x-amz-id-2
Y7MItxHUyeC/hL12r/i4epxYWNNJgUS9y1V8e/CU2rU5GpYwtAykRMN4xyg7UVcCnFHKxwrREG8=
x-served-by
cache-ewr18136-EWR
content-length
524
last-modified
Fri, 20 Oct 2023 13:15:25 GMT
server
AmazonS3
x-timer
S1703365858.851504,VS0,VE0
etag
"fb830fe42565d5dccd68ffab0653e52f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
19816
9422.web.3cecc01f38dd7790ccd1.js
assets.guim.co.uk/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/9422.web.3cecc01f38dd7790ccd1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a3d1aa57f151a682618cb698ae2ec646edbe2b3c6c1bdaafaa4d58272156bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
2ERAm0UhN6AdBt01gvGrDXKj8xRKFdsh
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
CGPV7VJAAAX0CA0E
age
5558002
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/9422.web.3cecc01f38dd7790ccd1.js
fastly-restarts
1
x-amz-id-2
owyal5a1loun50kZWyc+vGZhl/xfHbm195d1IjWuaDWsxr/drxzqeDHuitObJ38UWonzSUAIYQo=
x-served-by
cache-ewr18136-EWR
content-length
614
last-modified
Fri, 20 Oct 2023 13:15:35 GMT
server
AmazonS3
x-timer
S1703365858.851926,VS0,VE0
etag
"8cefbd21cadb2552c97445b5117319b0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
19411
4591.web.75f044ffc3d11f2dbded.js
assets.guim.co.uk/assets/ 		558 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/4591.web.75f044ffc3d11f2dbded.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bb30804fbe6f0483929507387bfa0bd67e4dcd4d1d38ae70db6e66991910d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
4WdxY1w4qqXScybVnTwwUUfNn2BCLJh0
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
CDPD55BJMHPMER3C
age
5558015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/4591.web.75f044ffc3d11f2dbded.js
fastly-restarts
1
x-amz-id-2
rpo1KRtifIJE7t9OyIr1X0VLsf+vv5E5y2NSWhP9qmVV1OUH6MB5NM+CHTkbZhgWH5ZMtp+uf5c=
x-served-by
cache-ewr18136-EWR
content-length
404
last-modified
Fri, 20 Oct 2023 13:15:25 GMT
server
AmazonS3
x-timer
S1703365858.852293,VS0,VE0
etag
"65a41e32931b294e87acd412f5a18b66"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
19685
Metrics-importable.web.c282a5db09a9c4ccd901.js
assets.guim.co.uk/assets/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/Metrics-importable.web.c282a5db09a9c4ccd901.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ff7405518d38db332f925d0a3be223bec01f678933279963f9c5d44263ed30d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
IoaSGZ30.w7QhGfzj.OAJtcK7g2dBJ1C
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
C76GV8PGEZXCE60T
age
714620
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/Metrics-importable.web.c282a5db09a9c4ccd901.js
fastly-restarts
1
x-amz-id-2
5TezvpAQ4i4DsYwJSXezClJs9eYNCbfbWK9cGjUvxRBHa6e6cZCeGMobDKKlTMBpMyBAv7Ulf0I=
x-served-by
cache-ewr18136-EWR
content-length
2289
last-modified
Fri, 15 Dec 2023 14:37:53 GMT
server
AmazonS3
x-timer
S1703365858.865647,VS0,VE0
etag
"320e5932b8865089cf40bcee43d700d9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
6529
SetABTests-importable.web.e13d7eccc07e907feb1e.js
assets.guim.co.uk/assets/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SetABTests-importable.web.e13d7eccc07e907feb1e.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bda6328a7bf6718a2a75b3eb753f23b1f190acf375461584642af92c53494c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
h4hAdjNLR_KxnSebIXOTabar.1JzZXA5
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
D5XH5E90V2M4QJ7E
age
358369
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SetABTests-importable.web.e13d7eccc07e907feb1e.js
fastly-restarts
1
x-amz-id-2
lftdnYMiQoDVf/u7JLYC3D+dfMSkmV3IjUU2FFmbSCfDZDRLLq3xIsdgjYA4bFALwL63xLyhI6o=
x-served-by
cache-ewr18136-EWR
content-length
3500
last-modified
Tue, 19 Dec 2023 17:35:03 GMT
server
AmazonS3
x-timer
S1703365858.866024,VS0,VE0
etag
"902b0b01c8d5932215ec85b7c458a2c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3237
SetAdTargeting-importable.web.9b12fdbde2c37d2f5cc0.js
assets.guim.co.uk/assets/ 		731 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SetAdTargeting-importable.web.9b12fdbde2c37d2f5cc0.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2d034f935f7a855ef11c1eb539c155aeb31a7fa59932aec205c9e5f7564d26b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
P0JpPO1FptjpeabRYC3VhwVllJ1MnChr
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
NQ6H4Z4Y5QR51DYG
age
4098598
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SetAdTargeting-importable.web.9b12fdbde2c37d2f5cc0.js
fastly-restarts
1
x-amz-id-2
sLv1X9vO/0/yoNmH9G2n/M6NtlwXyuutiq3H0oY0UDqak37mp8/Tl93RBvICEuTbpU5xHzbRgUA=
x-served-by
cache-ewr18136-EWR
content-length
481
last-modified
Mon, 06 Nov 2023 10:38:07 GMT
server
AmazonS3
x-timer
S1703365858.866611,VS0,VE0
etag
"f69c7585b251d4a9280ec36fdaef0b0d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
19750
489.web.d5c13f7f2068c1e9959f.js
assets.guim.co.uk/assets/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/489.web.d5c13f7f2068c1e9959f.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4680406b1cf4b31004b6ca893cf4a3ed2dc778d753423c091c855f4560197b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
CgBwq4b0HzMPuZPFYgURXTbW3gu5cvzG
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
C76TEN098W2H337Q
age
714620
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/489.web.d5c13f7f2068c1e9959f.js
fastly-restarts
1
x-amz-id-2
07ZnBrUMo0/Q3th8WFMtEttKXmtF+WRo5ZZa+KccHkC2VlkdZ4pav0HbX8/DlvImcjlf+KWc/yk=
x-served-by
cache-ewr18136-EWR
content-length
5219
last-modified
Fri, 15 Dec 2023 14:38:03 GMT
server
AmazonS3
x-timer
S1703365858.866908,VS0,VE0
etag
"5f044085392040e5917b5992c05e07e7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
6388
HeaderTopBar-importable.web.f3e44346fda2d0cf76c3.js
assets.guim.co.uk/assets/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/HeaderTopBar-importable.web.f3e44346fda2d0cf76c3.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e145f086efde44562d1d11c7d771351251dce322a9fa97f0640f4d8c6aa2ae3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
DtM3677cEY9PqA_VPbZ.IR5VkqcKagfs
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
JDV52Z4QAJQPQT4G
age
714687
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/HeaderTopBar-importable.web.f3e44346fda2d0cf76c3.js
fastly-restarts
1
x-amz-id-2
rhFHm3hBHoJXNfOpg0jUnf7dvFvrj2/XrC4z2OTGa0xL2vuOIx7MwYFLrj/mHU4w6BLupoSIsGo=
x-served-by
cache-ewr18136-EWR
content-length
10828
last-modified
Fri, 15 Dec 2023 14:37:57 GMT
server
AmazonS3
x-timer
S1703365858.866892,VS0,VE0
etag
"b1c70ddf482f693f9638976411421af9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
6417
1
ophan.theguardian.com/img/ 		0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/1?v=17&platform=next-gen&url=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ref=&visibilityState=visible&tz=600&navigationType=navigate&contentType=article&viewId=lqik1vgtl9q9iyj74x0f
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&inPrivateBrowsingMode=false
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
wrapperMessagingWithoutDetection.js
sourcepoint.theguardian.com/unified/ 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:57 GMT
content-encoding
gzip
via
1.1 46b3f244fe2a22dff3a717bf9da34d86.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
1132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-ewr18136-EWR
last-modified
Thu, 02 Nov 2023 15:08:07 GMT
server
AmazonS3
x-timer
S1703365858.920700,VS0,VE2
etag
W/"74fa9eeecc0f7ce308ddca60b7ef2b93"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
HwswA-fNlSqFpulgC6jtgZREkZLxZx7QGyyJUwfCD_a7oWCMwiRHtg==
x-cache-hits
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&edition=US
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&abTestRegister=%7B%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&experiences=dotcom-rendering
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
ccpa.b154ec02644cd990c80b.bundle.js
sourcepoint.theguardian.com/unified/4.13.4/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/unified/4.13.4/ccpa.b154ec02644cd990c80b.bundle.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90738bd6a083bb0bb11633a2bf01ddf303e3f727c65292564e57482f22156587
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:57 GMT
content-encoding
gzip
via
1.1 46b3f244fe2a22dff3a717bf9da34d86.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
4428140
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-ewr18136-EWR
last-modified
Wed, 18 Oct 2023 19:09:03 GMT
server
AmazonS3
x-timer
S1703365858.970489,VS0,VE2
etag
W/"77e3e266e4f094462ddad55cf561b5bb"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
J6UyjqRslYuqhiYhX-s1ZXKXtohcKxiUSX1Yp65mZUdta73mSCaMEQ==
x-cache-hits
0
get_site_data
sourcepoint.theguardian.com/mms/v2/ 		207 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&account_id=1257
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e1a201b0eeea0b37a24ac4842f014e31738ace451ee18f7ca78d27e798ad0aa
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:57 GMT
via
1.1 872838324e32b579ba7d3bf4c42b2d24.cloudfront.net (CloudFront), 1.1 varnish
x-sp-mms-node
ip-10-128-21-251
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
18320
x-cache
Hit from cloudfront, MISS
x-served-by
cache-nyc-kteb1890029-NYC
x-timer
S1703365858.970962,VS0,VE3
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
jH2Cov1Pxn9c1jFz-_9Kj-jLlEC5YvEc79g_wnxpxAjW0lsuoTrmZg==
x-cache-hits
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&abTestRegister=%7B%22SignInGateMainVariant%22%3A%7B%22variantName%22%3A%22main-variant-5%22%2C%22complete%22%3Afalse%7D%2C%22MpuWhenNoEpic%22%3A%7B%22variantName%22%3A%22variant%22%2C%22complete%22%3Afalse%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&attentionMs=0
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
FocusStyles-importable.web.494ac61b529def96eb8c.js
assets.guim.co.uk/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/FocusStyles-importable.web.494ac61b529def96eb8c.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62b838a3e0936f72d25e0ba795bbe56fec047bacf36798562f2d5b2dc56520cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Zsy6gN7fhIhlZ5U5ZqmpFt0LcelkJXpZ
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
TV1N016M3ESDS7A8
age
5557960
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/FocusStyles-importable.web.494ac61b529def96eb8c.js
fastly-restarts
1
x-amz-id-2
zs7555f67KkivxlmVdwwq/qQM6HwuJSiA5A6IZ8VEhFUBLJ9vfoKAtxuMrabhH8zC/4eEyTqMNc=
x-served-by
cache-ewr18136-EWR
content-length
607
last-modified
Fri, 20 Oct 2023 13:15:18 GMT
server
AmazonS3
x-timer
S1703365858.988791,VS0,VE0
etag
"d987baa0cd3dc53340e22651e6055f9c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
19393
AlreadyVisited-importable.web.9fd057703ba4caea264c.js
assets.guim.co.uk/assets/ 		603 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/AlreadyVisited-importable.web.9fd057703ba4caea264c.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28c97a895261a6b11e4114d46894cf288d77f5184e4bc1a67c281f96067fbff7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
IVYl5ak3iU1wbOCGZf3TTaSLBiU2kzVt
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
JDV2BCXZGXVNNMMF
age
714687
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/AlreadyVisited-importable.web.9fd057703ba4caea264c.js
fastly-restarts
1
x-amz-id-2
El+2DrZMhIlgbRGDdweRBzergp39TwmJUgXLEjjvXG8sL4USboBElfYn9TBKCjOkzeTsUADM8B4=
x-served-by
cache-ewr18136-EWR
content-length
415
last-modified
Fri, 15 Dec 2023 14:38:04 GMT
server
AmazonS3
x-timer
S1703365858.989749,VS0,VE0
etag
"0ac536f4b79934ca9de6fc1ee15bcc57"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
6585
BrazeMessaging-importable.web.c031c5550216441b5903.js
assets.guim.co.uk/assets/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/BrazeMessaging-importable.web.c031c5550216441b5903.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5feaa4376be94b915443d2023735dc08ad0810e0dc47607964f7b77041d049f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
2BWgj4GJzlzECf0dwAIPf0eU_.VeX4mX
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
0YBAR05P50H7F81A
age
714666
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/BrazeMessaging-importable.web.c031c5550216441b5903.js
fastly-restarts
1
x-amz-id-2
cV0H6kAX7GzIYcR1M8heegvMR7eghyqMkTRQiv3118VYYmdCu22j0cCI/rhhi/NnNoagU9bCyn4TqnNXBnP4RA==
x-served-by
cache-ewr18136-EWR
content-length
5273
last-modified
Fri, 15 Dec 2023 14:38:06 GMT
server
AmazonS3
x-timer
S1703365858.989726,VS0,VE0
etag
"a76304928a1114df79dd6ff940cb39eb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
6541
ReaderRevenueDev-importable.web.aca5026dcba358432f52.js
assets.guim.co.uk/assets/ 		778 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/ReaderRevenueDev-importable.web.aca5026dcba358432f52.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81dd351bcd437894cb1d90c09e1d986df5e41e3d0003aa62fbf8d822be580809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
nmLrDFehNKSGMZEmg.D.HYpKZFlENC1t
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
10PQWSCTKCJG7B5X
age
3137020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/ReaderRevenueDev-importable.web.aca5026dcba358432f52.js
fastly-restarts
1
x-amz-id-2
QhCxhXtvA20duUImoPO93mSJXiOIgKLgd3SeVdo0sFuuGdcojuiRGm1DKyfb5noDLwCYGGdmTX4=
x-served-by
cache-ewr18136-EWR
content-length
466
last-modified
Fri, 17 Nov 2023 13:44:29 GMT
server
AmazonS3
x-timer
S1703365858.989965,VS0,VE0
etag
"195557a0054e67b9cbd75b35812cc163"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
19798
2848.web.026dfd259cc535fbd07d.js
assets.guim.co.uk/assets/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/2848.web.026dfd259cc535fbd07d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbed55709808bd73561495adc0c1dc3bfec733542a5e657ec54f4ca9eab3006c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
IBNtTMpATDl2lgl3cbyAuYWd1P_Wp0DL
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
BVYYWGT5N18HZC2P
age
2272743
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/2848.web.026dfd259cc535fbd07d.js
fastly-restarts
1
x-amz-id-2
8OfMUMwCVj6tl1OiP4mY+VDzyYL/RVo85ps0urS4boh3VFAo8XZiPkywjHDKyWgtNzXdnEwsprKxszIKVO1Gbg==
x-served-by
cache-ewr18136-EWR
content-length
16256
last-modified
Mon, 27 Nov 2023 13:49:22 GMT
server
AmazonS3
x-timer
S1703365858.990865,VS0,VE0
etag
"2984af7a57b4ddb6bf86c967be96a3c5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
20441
SupportTheG-importable.web.10e7f9d52396769b0d35.js
assets.guim.co.uk/assets/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SupportTheG-importable.web.10e7f9d52396769b0d35.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce1d18626bbc6a0564ba74209097cdecd247abdc3fb4004ad45c167f6b50677a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
VLv_ljBQSfgijwr3aweu1MIBI6qKegH_
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
BYBTG69EB4YXC3W2
age
714626
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SupportTheG-importable.web.10e7f9d52396769b0d35.js
fastly-restarts
1
x-amz-id-2
clScwKSgXV4KNKMEBt8W8eJReTcNfHsxyg80PowUjRQVFi+wzRShmZXHz1/y4+YO8jJ/xb4SSnc=
x-served-by
cache-ewr18136-EWR
content-length
6353
last-modified
Fri, 15 Dec 2023 14:37:53 GMT
server
AmazonS3
x-timer
S1703365858.990849,VS0,VE0
etag
"ff8bfff5aaf9921f9c5caf429f2b5923"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
6379
SubNav-importable.web.bcdf6439c0fe5314e171.js
assets.guim.co.uk/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SubNav-importable.web.bcdf6439c0fe5314e171.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4d581ae9576c3863c46052e639c3f50fc360f5e30a68a1a44ece9811687c9c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
FPxnyhCeoZ4zeGLKV7UcdbzoG2H00Aq0
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
T6B22D66WSTF88CZ
age
714620
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SubNav-importable.web.bcdf6439c0fe5314e171.js
fastly-restarts
1
x-amz-id-2
zq3AAnnCMgNeAtTphIxuUM7Dg8RlA4M7R+n4b2gruYyG5N0E+zKr2E5zCinw1eXfrv29YTzVJaQ=
x-served-by
cache-ewr18136-EWR
content-length
2364
last-modified
Fri, 15 Dec 2023 14:37:53 GMT
server
AmazonS3
x-timer
S1703365858.991380,VS0,VE0
etag
"f4d8df9364954f9dbcd73634fee5f141"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
6297
1987.web.1f091ac9e0453036bb65.js
assets.guim.co.uk/assets/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/1987.web.1f091ac9e0453036bb65.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dff5b33bb4232cdb28b6e5de7a9db097762b2b049d46d8c651bba2aa2182724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
WM6l1A1iiEeJNCfkoAdvkqwK8gWeti2X
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
ZKX9ENH0MN5AR955
age
714531
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/1987.web.1f091ac9e0453036bb65.js
fastly-restarts
1
x-amz-id-2
fr5nVx9Zd7C5SHSjZy0ny3pL9LIywPvQ81qYoC/ovesGmPETO9MKTsGW5XT7AV6hJLwepjS/5EUNZg2QJztyAA==
x-served-by
cache-ewr18136-EWR
content-length
3159
last-modified
Fri, 15 Dec 2023 14:37:55 GMT
server
AmazonS3
x-timer
S1703365858.991340,VS0,VE0
etag
"30fd53d64f3f945ae134721da99ccee9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
2528
3968.web.bceb4be615b453ceb6ce.js
assets.guim.co.uk/assets/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/3968.web.bceb4be615b453ceb6ce.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70508467cb9e0c1c1da7ce4fe9cd5495acdbef6478a22eda8f0b24557a564f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
bWAGbt.4mfakTBMum7wAaj9DF5G0k4LT
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
0MTE00KTGZ6W0PPS
age
5557641
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/3968.web.bceb4be615b453ceb6ce.js
fastly-restarts
1
x-amz-id-2
Kr5zEZa2Z60BW8bufY3Snrlz+Mlb1E5ixCSGwlsBG/ywbIn4LdzC/ZJuQyiVK+QysviV/STJrao=
x-served-by
cache-ewr18136-EWR
content-length
3791
last-modified
Fri, 20 Oct 2023 13:15:24 GMT
server
AmazonS3
x-timer
S1703365858.993214,VS0,VE0
etag
"d05a7d4ea0df0e7a395953edd16dbf3a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
308
SecureSignupIframe-importable.web.206a634ec80544a2689e.js
assets.guim.co.uk/assets/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/SecureSignupIframe-importable.web.206a634ec80544a2689e.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49c70f3f03455ea4833675cf458661307247c9be9154bd7a7f48509a5d28f2e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
g71igFeZrc_pDpbtKhT92B7aTSNIlWTS
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
VKASFZJ1ZT54C1KP
age
714307
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/SecureSignupIframe-importable.web.206a634ec80544a2689e.js
fastly-restarts
1
x-amz-id-2
/W1AGbsNccsrteN9di3aBs/CYK1UmS1zHiUra5vWP5O8oOeNKljQmg1VMKtvOgp1tOlQsW4zfF0=
x-served-by
cache-ewr18136-EWR
content-length
4931
last-modified
Fri, 15 Dec 2023 14:37:56 GMT
server
AmazonS3
x-timer
S1703365858.993182,VS0,VE0
etag
"70d47f1436228c36360c051c04e9dea4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1816
7776.web.67332e14ee843cca5db2.js
assets.guim.co.uk/assets/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/7776.web.67332e14ee843cca5db2.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d0ffa8081f591d895ba54c71ace599f2a1e33f0b6d571791cf5258564e95117
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
YF._74JSo6gK7Iutwo6bFDbpA1YWrjhM
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
9TWWN8EGXK9FJSW6
age
358447
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/7776.web.67332e14ee843cca5db2.js
fastly-restarts
1
x-amz-id-2
m5KuRvymnRup5rxNLytDS6wgHIviScf+zj4dESYZX/urjJUFurb+xf2lUUbuSqi/0q2nbftO3W8=
x-served-by
cache-ewr18136-EWR
content-length
5045
last-modified
Tue, 19 Dec 2023 17:34:57 GMT
server
AmazonS3
x-timer
S1703365858.993158,VS0,VE0
etag
"70743de4e9ba12797a0acb8b25a227bb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3223
StickyBottomBanner-importable.web.42546db868c72eb0fb29.js
assets.guim.co.uk/assets/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/assets/StickyBottomBanner-importable.web.42546db868c72eb0fb29.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcf9f554d81b89c9c71820efe242539c924dc26d453d45f2588a783ffe0fe46e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
SFkETLAYe2ImSrcr.5SPlKJD5BwCx8Cn
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
R05NQ6VCSJN25D89
age
210516
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/assets/StickyBottomBanner-importable.web.42546db868c72eb0fb29.js
fastly-restarts
1
x-amz-id-2
SeSjd07Mkx4Z/2qBwS4zUwGdjBmtfKShuA+JeHDSUE6JBKDWyETpeqhsSLx97Ic+2uOjWU2p8u4=
x-served-by
cache-ewr18136-EWR
content-length
5537
last-modified
Thu, 21 Dec 2023 10:41:01 GMT
server
AmazonS3
x-timer
S1703365858.993137,VS0,VE0
etag
"3dd45b224b9d94bc39e2ff150b0bf18d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1893
meta-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
21661
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sat, 23 Dec 2023 21:10:58 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
4pVt7oi0TZvBTB0cITTdsTo-V3SKp5oflhhGfDEB32d_0uEo5sbTUQ==
x-amz-cf-pop
JFK52-P4
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890029-NYC
x-timer
S1703365858.004682,VS0,VE2
meta-data
sourcepoint.theguardian.com/wrapper/v2/ 		73 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
d9aff7f7c51e775eba06add07b71db1d8d6640660ea2b59a2db82c4b48fa4e8a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
415
x-powered-by
Express
x-cache
Hit from cloudfront, MISS
content-length
73
x-served-by
cache-nyc-kteb1890029-NYC
x-timer
S1703365858.037768,VS0,VE2
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
0C3KcIiuFZP6IqHSOwCg_-1Vk7wP-juBSvf8aePul7dq3PPqI7Ikrg==
x-cache-hits
0
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/3968.web.bceb4be615b453ceb6ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f1a35bdda07bc6ac03b60957dcdbf06623d1f5c6a26cf54eb1c9dc367ba4b1d4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 23 Dec 2023 21:10:58 GMT
messages
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22framework%22%3A%22ccpa%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
16938
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sat, 23 Dec 2023 21:10:58 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
3sKClzW9vfxo-gFQzk0vQzj1rXl2adVGZj0BRoC1DekVfOtz9XpIXA==
x-amz-cf-pop
JFK52-P4
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890029-NYC
x-timer
S1703365858.081418,VS0,VE2
messages
sourcepoint.theguardian.com/wrapper/v2/ 		20 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22framework%22%3A%22ccpa%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
b44b5461516ee7ec3c3bf587a0c41c47c894b967f20680ae9ff3f0c285b26263
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
236
x-powered-by
Express
x-cache
Hit from cloudfront, MISS
x-served-by
cache-nyc-kteb1890029-NYC
x-timer
S1703365858.112974,VS0,VE5
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
pDIZuFSQcz_9OwLopjBdozA3wgqN1SHJ97gWIql1zGiJJJ0Sjv3rFQ==
x-cache-hits
0
header
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Sat, 23 Dec 2023 21:10:58 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890029-NYC
x-timer
S1703365858.110694,VS0,VE88
header
contributions.guardianapis.com/ 		978 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/header
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
d1576808c0d45401ae292cd1880d9348af30254af055ba1c194343392c906846

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-nyc-kteb1890029-NYC
date
Sat, 23 Dec 2023 21:10:58 GMT
via
1.1 varnish
x-timer
S1703365858.228165,VS0,VE81
x-powered-by
Express
etag
W/"3d2-Y5hwdv2nBHMvPTMoQOlbcByj1Y0"
vary
Origin, Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
accept-ranges
bytes
content-length
978
x-cache-hits
0
pv-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.theguardian.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 21:10:58 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 872838324e32b579ba7d3bf4c42b2d24.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
2OBq4AS8uOP405l1aX6b67b5Z5nhViOQ_HGoJXYp3ye_OIJKAB6YYw==
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront, MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890029-NYC
x-timer
S1703365858.151658,VS0,VE23
banner
contributions.guardianapis.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theguardian.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.theguardian.com
date
Sat, 23 Dec 2023 21:10:58 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Express
x-served-by
cache-nyc-kteb1890029-NYC
x-timer
S1703365858.167349,VS0,VE252
pv-data
sourcepoint.theguardian.com/wrapper/v2/ 		190 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
15d8b592f6ddec23971bd31a5f2191221315fdfe852a582e318bfd6e74def112
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
x-powered-by
Express
x-cache
Miss from cloudfront, MISS
content-length
190
x-served-by
cache-nyc-kteb1890029-NYC
x-timer
S1703365858.205859,VS0,VE13
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
FBAT9K8FhP1_0IWNaem2RxPasibK39-_exD0Q9NcQixXo5wz_fHQRA==
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Dec 2023 19:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4749
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 23 Dec 2023 21:51:49 GMT
config.js
cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/ 		454 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512776118b23d4141b47f14fbc29c79a677caa2c74b5bae6cfa44a8bd8847d42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 14:11:50 GMT
server
cloudflare
x-amz-request-id
RJ975JNC4Q8RD29K
age
19
etag
W/"e67dfebd17dc609879f60a01fe4a344b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
83a39825dad44bc0-BUF
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/jJ7mfxs8S02fZ8djXQnNT8JttRd+7lRhG6XNT7zrzEXC3+sGFQqOMiNDc0C46X/okbDJrfqGT8OtBD/7iQZVg==
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22CONSENT%22%2C%22products%22%3A%5B%5D%2C%22labels%22%3A%5B%2201%3ACCPA%22%2C%2204%3A%22%2C%2205%3Afalse%22%5D%7D%2C%22action%22%3A%22MANAGE_CONSENT%22%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&consentJurisdiction=CCPA&consentUUID=&consent=true
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
graun.Prebid.js.commercial.js
assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/ 		372 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
732693f538e4d28b2bc0b7d7bff40f84effaec15b151a40393bc376e673e1298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
oNrX8_.USNMR7N9XDXzknBZXD.OwY7An
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:58 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
0EFZAZP0945QAB7Y
age
1491900
x-amz-server-side-encryption
AES256
x-cache
HIT
x-gu-debug-url
/PROD/frontend-static/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
fastly-restarts
1
x-amz-id-2
AwC7+H61AyRdjyPVkPjqL69zawmoAZLEcfTnxrs2frx4z6L0vI+RQXWuiZc/mwr7EoB0ycUWK5E=
x-served-by
cache-ewr18136-EWR
content-length
126618
last-modified
Wed, 06 Dec 2023 14:44:17 GMT
server
AmazonS3
x-timer
S1703365858.163209,VS0,VE0
etag
"d1883e2ffd9035ca50a3310d195bc4e7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
12603
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:54:26 GMT
content-encoding
gzip
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront), 1.1 c079338af747d912717239089fea0484.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK52-P4
age
993
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
YqFTw08nyfaZYjqTz4tiP8Gm9p83a5hjf0TiiZ_i5k4e8skSbCWuKw==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035250/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Server
18.164.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-83.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 18:23:27 GMT
content-encoding
gzip
via
1.1 c50e3f7de0b772d07240015272b1aff6.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
86395
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
bllSCBbyfDFLfXQvEIjOdyODkDWVWlB_kv-r4_FUTE47AW9c2VDabQ==

Redirect headers

date
Sat, 23 Dec 2023 21:10:58 GMT
via
1.1 c50e3f7de0b772d07240015272b1aff6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
kJKneyD3g5KZW355pTFieSe-t_8XQBw75UmwcKJLodZspYyaMczgNQ==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.169.117 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-169-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
PWNT77SR799W98GG
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
kCb2rc2iG3asUHIJVfemLrFx2CYwibD1iCdFIf4E+J61Vljvx3OFzqdpsKJhE5K8n75OgRG0GU8=
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:08:41 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kcgs7200042-IAD, cache-lga21924-LGA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15fcef03ce64500be37b918565a0e7a375a7427285b2d836092439f79da8448a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29201
x-xss-protection
0
server
cafe
etag
369 / 19714 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 21:10:58 GMT
banner
contributions.guardianapis.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/banner
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
a44b9e53b63dba5058958dd93f611b095dc405c99008f44276629a611dd472f1

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-nyc-kteb1890029-NYC
date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
via
1.1 varnish
x-timer
S1703365858.449293,VS0,VE81
x-powered-by
Express
etag
W/"1895-g7uFdduAOLex1rs/2EyIqIxG66E"
vary
Origin, Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
accept-ranges
bytes
x-cache-hits
0
conversion_async.js
www.googleadservices.com/pagead/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
c66cfd953713a3729fdc6bc7c851cec6c442190339cdcf3a52b8d70968d91b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16837
x-xss-protection
0
server
cafe
etag
13506662177525363732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 21:10:58 GMT
d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
cdn.permutive.com/ 		990 KB
297 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-web.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c070a7ffa3cc76f09bdaa432da26e8e5d1cd8865df28aab7c0a52e2e8305a956

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08
age
0
x-guploader-uploadid
ABPtcPpsZlbMMGGsIeFIFKg8KnUZ8wMfEn6Wmc_bWf4yAYzR0DfgD52---Qd2cq66y-FAN9KukITqiUckH6dDZiybGuIZhDWGZvy
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
303464
last-modified
Fri, 15 Dec 2023 15:49:06 GMT
server
cloudflare
etag
"ca15b9887452720fe502100698c1c7da"
vary
Accept-Encoding
x-goog-generation
1702655346548298
content-type
application/javascript
x-goog-hash
crc32c=5GKSbQ==, md5=yhW5iHRScg/lAhAGmMHH2g==
cache-control
public, max-age=900
x-goog-stored-content-length
303464
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83a398268d304bc3-BUF
expires
Sat, 23 Dec 2023 21:25:58 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-125.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 07:23:38 GMT
Content-Encoding
gzip
Via
1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P8
Age
308841
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
Egxcw6Ul1xxH07CV0TQCcEO4MoG0rIP9S3o12CtmPdQCmowyzxMngA==
e96d04c832084488a841a06b49b8fb2d.js
cdn.brandmetrics.com/survey/script/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5110dab7d83f6e73ee729877678cb0f2ab8aa5bddefa4e606fb6899d8e40ae2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 23 Dec 2023 21:09:29 GMT
server
cloudflare
age
89
cf-polished
origSize=5547
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aezHjUJKv1a3dWCf6KTS2V6ZtHiIZrWrhbqxLcQ2JsoPC0WyjdPMcWGt38lB7tuGk%2BUVJi2bGejxyfqg2Pr8L7SlkuSpL3EVFHo9%2FbJ%2BGVoTjDCaymcBgOyKD1kCG0Bvh2fk3XpissPdgIX66Vp1kHkA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83a398268c0f4bbd-BUF
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
index.html
sourcepoint.theguardian.com/ Frame 32D8 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=56bb201d-b827-4a68-80f1-7bb57b6acfe0&preload_message=true&hasCsp=true&version=v1
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1099
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Sat, 23 Dec 2023 21:10:58 GMT
etag
W/"5bd8512ba573dfffcca16bcba94d75a2"
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id
nkgpOGD9UAQg49gyHUbMZmKNrjQ6lRjLgIslxwssKrR7c3fzrFCaAg==
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-cache-hits
0
x-served-by
cache-ewr18136-EWR
x-timer
S1703365858.178107,VS0,VE1
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		503 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 20:27:27 GMT
Notice.3a0d3.css
sourcepoint.theguardian.com/ Frame 32D8 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.3a0d3.css
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=56bb201d-b827-4a68-80f1-7bb57b6acfe0&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=56bb201d-b827-4a68-80f1-7bb57b6acfe0&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
3102
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-ewr18136-EWR
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-timer
S1703365858.215152,VS0,VE1
etag
W/"453680a5f8883be2b15dcb7878e5d351"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
GcSp3-vb7G1Q1dgMdi0bnBlr2obv-YBX_wpdlbAZ3mUZtIZlTKUoNw==
x-cache-hits
0
polyfills.d36c5.js
sourcepoint.theguardian.com/ Frame 32D8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/polyfills.d36c5.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=56bb201d-b827-4a68-80f1-7bb57b6acfe0&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=56bb201d-b827-4a68-80f1-7bb57b6acfe0&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
via
1.1 590897dc65a5ea6dcbac1c8ea98c65c4.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
1099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-ewr18136-EWR
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
x-timer
S1703365858.215578,VS0,VE3
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
9w5myCyg-gPB6Tn-mFwcctTUeg-XWUIsM6VX5gYmmVNGEP7dClZeWQ==
x-cache-hits
0
Notice.cfd37.js
sourcepoint.theguardian.com/ Frame 32D8 		274 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.theguardian.com/Notice.cfd37.js
Requested by
Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=56bb201d-b827-4a68-80f1-7bb57b6acfe0&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sourcepoint.theguardian.com/index.html?message_id=690155&consentUUID=null&requestUUID=56bb201d-b827-4a68-80f1-7bb57b6acfe0&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
via
1.1 f26a1d19b20e4cf5dd8998779bc5b1fc.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security
max-age=300
x-amz-cf-pop
JFK52-P4
age
1099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, MISS
x-served-by
cache-ewr18136-EWR
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-timer
S1703365858.215542,VS0,VE3
etag
W/"ab0bfa06558578f0cc888d8945749f5b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
-JAFwKeILx19aqn3oeD7-lKGLMkY0AykhILTyE2i0z0qavNlNAGncg==
x-cache-hits
0
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1233792654&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ul=en-us&de=UTF-8&dt=Many%20prehistoric%20handprints%20show%20a%20finger%20missing.%20What%20if%20this%20was%20not%20accidental%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAACACIAB~&jid=1593694590&gjid=1273683897&cid=680112568.1703365858&tid=UA-78705427-1&_gid=639165937.1703365858&_r=1&_slc=1&cd3=theguardian.com&cd4=science&cd5=article&cd6=observermain&cd7=science%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&cd8=profile%2Frobinmckie&cd9=science%2Farchaeology%2Ceducation%2Fhistoryandhistoryofart%2Cscience%2Fscience%2Cworld%2Ffrance%2Cworld%2Fspain%2Cuk%2Fuk%2Cartanddesign%2Fart%2Cartanddesign%2Fpainting&cd10=tone%2Ffeatures&cd11=&cd16=false&cd26=false&cd27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd29=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&cd30=us&cd43=dotcom-rendering&cd50=news&z=2104136079
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
3722
config.aps.amazon-adsystem.com/configs/ 		532 B
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3722
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-10.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
4a6e42df592f9fef10d8707e673f1a66671e31c48cfcc1282f759654810652f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:14:38 GMT
via
1.1 79985f6b7b9f366996e2a85ef814999e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P2
age
3380
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
vL5hyWnPvSl2RmnSTKF2oBPhc28NL3hPxiBkcwIIBFu9VEzxicgAzQ==
config
c.amazon-adsystem.com/cdn/prod/ 		188 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3722&u=https%3A%2F%2Fwww.theguardian.com
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
be6b3f41d5f79b0ea32be0e1274af5edc62c3b8390af21c967cf2ef4204f66f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 16:06:16 GMT
via
1.1 c079338af747d912717239089fea0484.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
age
18282
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
188
x-amz-cf-id
YUEjJbnVECCqq7JqZUBzU7CkCCHSKwzwyP8IIhTqYSuq61KvS-WzHg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 17:30:59 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
13200
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
W9_MgZz3bbiOwqyHx2o5fhDH_fYIhXQI-ZCa69lyWD_nXc6gKHTSOQ==
collect
stats.g.doubleclick.net/j/ 		2 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-78705427-1&cid=680112568.1703365858&jid=1593694590&gjid=1273683897&_gid=639165937.1703365858&_u=aEBAAUAAEAAAACACIAB~&z=1386967439
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 23 Dec 2023 21:10:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/7oDgiTsq88US4rrBG0_Nxpafkrg/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
A2JK2CCYFA1HS2P1
age
2734459
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
83a39826eb214bc0-BUF
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Dg8kGZ94LfmzUarJqrmrP/zxKQogmtP5Tz4EHQdKv0B8lOFq6K8BrHR3bsjT4KFdHv+ELeDFFsPdQI6EllaQyQ==
truncated
/ Frame 32D8 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86420e7438ecbeee1c096e6aba233c995fe855317ab0bc96c505b3a8008bbde2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 32D8 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4abfad9c48fb0cbf933b3bf8cf92e96a11dbea84adf00976dde20a194bfb59b3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 32D8 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92b342ddf2f633909616c56f47285f172ef727770657a2ff2e5bf5cd4c547fed

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
Header.js
contributions.guardianapis.com/modules/v3/headers/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contributions.guardianapis.com/modules/v3/headers/Header.js
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72775823b8411175a3070d86f5f034b784237eb696829a57802ebffcf43d5497

Request headers

Referer
https://assets.guim.co.uk/assets/index.web.04b987504baf7946a850.js?http3=true
Origin
https://www.theguardian.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
TVMsbZsQXmcBfIjMa66.31a_jmatyMYo
content-encoding
gzip
via
1.1 varnish
date
Sat, 23 Dec 2023 21:10:58 GMT
x-amz-request-id
HZ5PA252WBSJYCJV
age
4
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-surrogate-control
max-age=300
content-length
35051
x-amz-id-2
xzE0SQ0LJ/B4LQuoLdFjx+B4P6nNbk/TDL562pdLN7iIfOIqUhiafJ6zEZ6yyLmn6BbDPMdtw8U=
x-served-by
cache-nyc-kteb1890029-NYC
last-modified
Fri, 24 Nov 2023 09:53:17 GMT
server
AmazonS3
x-timer
S1703365858.443598,VS0,VE0
etag
"50b5257c1f12f3883bd9a5e950d73378"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.theguardian.com
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
2
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703365858429&ns_c=UTF-8&cs_ucfr=1&comscorekw=Archaeology%2CHistory%2CScience%2CFrance%2CSpain%2CUK%20news%2C...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703365858429&ns_c=UTF-8&cs_ucfr=1&comscorekw=Archaeology%2CHistory%2CScience%2CFrance%2CSpain%2CUK%20news%2...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703365858429&ns_c=UTF-8&cs_ucfr=1&comscorekw=Archaeology%2CHistory%2CScience%2CFrance%2CSpain%2CUK%20news%2CArt%2CPainting&c7=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&c8=Many%20prehistoric%20handprints%20show%20a%20finger%20missing.%20What%20if%20this%20was%20not%20accidental%3F%20%7C%20Archaeology%20%7C%20The%20Guardian&c9=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Server
18.164.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-83.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
via
1.1 c50e3f7de0b772d07240015272b1aff6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
LXz5Q5XHfz3sSuzp8XeaZLsDG3fP1huh6qsL2GJjhBtiA98zFcE7zg==
x-cache
Miss from cloudfront

Redirect headers

date
Sat, 23 Dec 2023 21:10:58 GMT
via
1.1 c50e3f7de0b772d07240015272b1aff6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035250&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703365858429&ns_c=UTF-8&cs_ucfr=1&comscorekw=Archaeology%2CHistory%2CScience%2CFrance%2CSpain%2CUK%20news%2CArt%2CPainting&c7=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&c8=Many%20prehistoric%20handprints%20show%20a%20finger%20missing.%20What%20if%20this%20was%20not%20accidental%3F%20%7C%20Archaeology%20%7C%20The%20Guardian&c9=
content-length
0
x-amz-cf-id
8H3NmJ4NwJdYGtXDl3iWnUmKfCFmUTEwus6P4oZniGIQy-GvY1vVuQ==
adsct
t.co/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=66fd5076-c75f-41b6-9b8b-cd593a9d01bb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c2a1f239-78a8-45db-ad39-9bbe59473fef&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyl43&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
76
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
a335ca9621c2e981
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
28deb4b6f0877aaca6fdd25f60c28cc41483fdb2f1062b373476bfe7f9d9c800
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=66fd5076-c75f-41b6-9b8b-cd593a9d01bb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c2a1f239-78a8-45db-ad39-9bbe59473fef&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyl43&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
77
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
829e6f5ba6642846
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
10396cffefa693031130d58500afeeb97c914f51eba18b251b243c49a118122c
content-length
43
adsct
t.co/i/ 		43 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=d27e1982-a0ee-416a-81a6-f01fb1c6ad2a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c2a1f239-78a8-45db-ad39-9bbe59473fef&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4k9&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
81
date
Sat, 23 Dec 2023 21:10:58 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
de889702c661e053
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
28deb4b6f0877aaca6fdd25f60c28cc41483fdb2f1062b373476bfe7f9d9c800
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d27e1982-a0ee-416a-81a6-f01fb1c6ad2a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c2a1f239-78a8-45db-ad39-9bbe59473fef&tw_document_href=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny4k9&type=javascript&version=2.3.29
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
78
date
Sat, 23 Dec 2023 21:10:57 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
c19e0eb2ca7c08bf
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
10396cffefa693031130d58500afeeb97c914f51eba18b251b243c49a118122c
content-length
43
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/survey/script/e96d04c832084488a841a06b49b8fb2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec0ea0969c60e76007f766ce7df7d1617a4186823ff622450398d169752c3c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 23 Dec 2023 21:10:39 GMT
server
cloudflare
age
19
cf-polished
origSize=56649
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1i75KeNfxWK84NnMwaAt8RHvsFY9hML%2B9LVAtwTiIzBt6HSYJBOayizp14K%2BcqTB%2FTKcORSs%2F64empjvDESdzlq3z4fckMT55lTpwCRy8j2orATSHbDVrO2evG%2Fv%2BukeE9C3e%2FObe7y2rf%2FaXB%2BP9n%2BY"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83a398275c4b4bbd-BUF
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971225648/?random=1703365858448&cv=9&fst=1703365858448&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&tiba=Many%20prehistoric%20handprints%20show%20a%20finger%20missing.%20What%20if%20this%20was%20not%20accidental%3F%20%7C%20Archaeology%20%7C%20The%20Guardian&hn=www.googleadservices.com&us_privacy=1YNN&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
232d9d3a07348dbd4e711fb8d128053d55a0edae70ec1c7c7a750b3a5f4a44b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1410
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/ 		46 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/v2.0/pxid?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0db1e8e9159f374b9b5f1fc469ce67405aec27eda4fd62d9f9482cbe4368061f

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:58 GMT
an-x-request-uuid
f06b87cf-b204-438a-80c9-ba56d86f1eda
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame F581 		42 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc&co=aHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tOjQ0Mw..&hl=en&type=image&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=invisible&badge=bottomright&cb=qd1uxv7o9l64
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/3968.web.bceb4be615b453ceb6ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d83b02a8de9798d3c1ab7bf27d9e8fa689a9ffd7e6562e98602dc4c8e8fbfb9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-95SsSOLFgS_TBF8R5eQJlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-95SsSOLFgS_TBF8R5eQJlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 21:10:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-78705427-1&cid=680112568.1703365858&jid=1593694590&_u=aEBAAUAAEAAAACACIAB~&z=498561546
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
63fff228-ad77-49fd-a0c9-bddc6cbcbad8
https://www.theguardian.com/ 		643 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.theguardian.com/63fff228-ad77-49fd-a0c9-bddc6cbcbad8
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12c587e0f38437d978a808ad4c7db78b4c6ee21ba8451a5349392997ac8a9980

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
658780
Content-Type
dd9bc2d2-6d58-488f-a523-5363196e3af2
https://www.theguardian.com/ 		643 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.theguardian.com/dd9bc2d2-6d58-488f-a523-5363196e3af2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12c587e0f38437d978a808ad4c7db78b4c6ee21ba8451a5349392997ac8a9980

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
658780
Content-Type
geoip
api.permutive.com/v2.0/ 		282 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2ee46859435664a3d7dc374970512bf46030795f7d434a2b1d94637255485041

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
watson
api.permutive.com/v2.0/ 		312 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3eb69307fed1d2aa97fc9e79433ec0ea1b071f0950cfb0ad5acdcd6107897ad4

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
c.js
collector.brandmetrics.com/ 		0
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com&rnd=5107050
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e96d04c8-3208-4488-a841-a06b49b8fb2d&toploc=www.theguardian.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date
Sat, 23 Dec 2023 21:10:57 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
/
www.google.com/pagead/1p-user-list/971225648/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/971225648/?random=1703365858448&cv=9&fst=1703365200000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&tiba=Many%20prehistoric%20handprints%20show%20a%20finger%20missing.%20What%20if%20this%20was%20not%20accidental%3F%20%7C%20Archaeology%20%7C%20The%20Guardian&async=1&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_uD--FWgR9OM7duQBrcZaAfANRNMURg&random=1965122668&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%2C%22campaignCode%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%7D%2C%22action%22%3A%22INSERT%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-11-22_HEADER_TEST_EOY_R2__US%22%2C%22variant%22%3A%22CONTROL%22%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
fpc
at.teads.tv/ 		0
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_2167&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=1YNN&shared_ids=&sv=471b531&
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.109.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.theguardian.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sat, 23 Dec 2023 21:10:59 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
2677
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 22 Dec 2024 20:26:21 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame F581 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc&co=aHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tOjQ0Mw..&hl=en&type=image&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=invisible&badge=bottomright&cb=qd1uxv7o9l64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 20:27:42 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame F581 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc&co=aHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tOjQ0Mw..&hl=en&type=image&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=invisible&badge=bottomright&cb=qd1uxv7o9l64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 20:27:27 GMT
d6691a17-6fdb-4d26-85d6-b3dd27f55f08-models.bin
cdn.permutive.com/models/v2/ 		54 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/d6691a17-6fdb-4d26-85d6-b3dd27f55f08-models.bin
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91945d85f5f363b72920d369c65a2c6f5d7125a4c9ee82a441b4acf40457fc7f

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
d6691a17-6fdb-4d26-85d6-b3dd27f55f08
age
0
x-guploader-uploadid
ABPtcPrbMP6c1wNxW__UdmITgW7qtj_xVPOG5R3vDtIxsF0hTzovFJ1CUyG0AbDHp0Yv0thVgJeIXNftayKXvjIT_wO2w7EAv4iF
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
38991
last-modified
Wed, 20 Dec 2023 06:03:23 GMT
server
cloudflare
etag
"9309633f2a38e6e85ef743fb71270386"
vary
Accept-Encoding
x-goog-generation
1702965816066082
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=McKmoQ==, md5=kwljPyo45uhe90P7cScDhg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
38991
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83a398299e064bcf-BUF
expires
Sat, 23 Dec 2023 20:33:54 GMT
identify
api.permutive.com/v2.0/ 		50 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
91734605950c27ddf54907517457c00361fa4c5864c5ff0ff915c40c72a0f00b

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
pub
pixel.adsafeprotected.com/services/ 		467 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--inline2,ss:%5B1.1,2.2,300.250,300.274,300.600,160.600,300.197%5D,p:/59666047/theguardian.com/science/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ef92b708-c204-6a66-6c8e-16cef306d9d3&url=https%253A%252F%252Fwww.theguardian.com%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.149.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-149-119.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8bbb973524c9c00bb430b967b962fef2be6c7c7c23c202674a8fd1da359adb93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
server
nginx
x-server-name
app19.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		458 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--top-above-nav,ss:%5B1.1,2.2,728.90,940.230,900.250,970.250,88.71,300.197,300.250%5D,p:/59666047/theguardian.com/science/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ef92b708-c204-6a66-6c8e-16cef306d9d3&url=https%253A%252F%252Fwww.theguardian.com%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.149.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-149-119.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e537d9753548470e27c372198d8c2842a141ac86f0cd6ca936277f502c497df0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
server
nginx
x-server-name
app08.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		461 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--survey,ss:%5B1.1%5D,p:/59666047/theguardian.com/science/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ef92b708-c204-6a66-6c8e-16cef306d9d3&url=https%253A%252F%252Fwww.theguardian.com%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.149.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-149-119.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fafc14f262ec9c1af04bdf0dad58cd13b29403dab26f04047d256f9e7e9ed6da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
server
nginx
x-server-name
app39.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		465 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--right,ss:%5B1.1,2.2,300.250,300.274,300.600%5D,p:/59666047/theguardian.com/science/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ef92b708-c204-6a66-6c8e-16cef306d9d3&url=https%253A%252F%252Fwww.theguardian.com%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.149.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-149-119.compute-1.amazonaws.com
Software
nginx /
Resource Hash
28d3abde14138e85131a12c91e3f2a85e0a6bfc221aa5f9a39f3d55c965878ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
server
nginx
x-server-name
app52.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		473 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--merchandising-high,ss:%5B1.1,2.2,88.87,970.250,300.250%5D,p:/59666047/theguardian.com/science/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ef92b708-c204-6a66-6c8e-16cef306d9d3&url=https%253A%252F%252Fwww.theguardian.com%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.149.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-149-119.compute-1.amazonaws.com
Software
nginx /
Resource Hash
28e8623478d1d900912e7ebb26b412cda13d9637edaff4f31542d7a5676818e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
server
nginx
x-server-name
app54.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		462 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--mostpop,ss:%5B1.1,2.2,300.250,300.274,300.600,300.197%5D,p:/59666047/theguardian.com/science/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ef92b708-c204-6a66-6c8e-16cef306d9d3&url=https%253A%252F%252Fwww.theguardian.com%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.149.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-149-119.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d6cf95ca49477551f2c757920b1e42a2a0683bfd3fea69560480ebe8c369739a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
server
nginx
x-server-name
app13.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		468 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10249&slot=%7Bid:dfp-ad--merchandising,ss:%5B1.1,2.2,88.88,970.250,300.250%5D,p:/59666047/theguardian.com/science/article/ng,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ef92b708-c204-6a66-6c8e-16cef306d9d3&url=https%253A%252F%252Fwww.theguardian.com%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.149.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-149-119.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1d1f0897f2c5aa0c0d364a226399ad001de3952eb62993b163cca9829a1c4fde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:58 GMT
server
nginx
x-server-name
app45.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js
www.google.com/js/bg/ Frame F581 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc&co=aHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tOjQ0Mw..&hl=en&type=image&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=invisible&badge=bottomright&cb=qd1uxv7o9l64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 04:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
61611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6850
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 04:04:07 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F581 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:05:00 GMT
x-content-type-options
nosniff
age
371158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 26 Dec 2023 14:05:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F581 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc&co=aHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tOjQ0Mw..&hl=en&type=image&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=invisible&badge=bottomright&cb=qd1uxv7o9l64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 08:09:52 GMT
x-content-type-options
nosniff
age
306067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2024 08:09:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F581 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc&co=aHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tOjQ0Mw..&hl=en&type=image&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=invisible&badge=bottomright&cb=qd1uxv7o9l64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 16:24:05 GMT
x-content-type-options
nosniff
age
362814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 16:24:05 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame F581 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc&co=aHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tOjQ0Mw..&hl=en&type=image&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=invisible&badge=bottomright&cb=qd1uxv7o9l64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc&co=aHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tOjQ0Mw..&hl=en&type=image&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=invisible&badge=bottomright&cb=qd1uxv7o9l64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 23 Dec 2023 21:10:59 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		160 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&pid=Z0dtqOGW8PWJg&cb=0&ws=1600x1200&v=23.1211.1645&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--right%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fscience%2Farticle%2Fng%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
7061a231754256284569c8a443c965b6a3a96ed9369a71cb94c6a2a0f18242c5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8a9cdb228e33f8d52a4b42c56ca26590.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
Q0GB08F9P0JF0CSXN0HY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
160
x-amz-cf-id
b_M0neFS2qNJgAoSc5XTT5py07DbJ1R8MoZ16dacY-mqNORyC7ixIA==
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%2C%22campaignCode%22%3A%22header_support_2023-11-22_HEADER_TEST_EOY_R2__US_CONTROL%22%7D%2C%22action%22%3A%22VIEW%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-11-22_HEADER_TEST_EOY_R2__US%22%2C%22variant%22%3A%22CONTROL%22%7D%7D
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ 		812 B
461 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4274935697318139&correlator=1465333699787946&eid=31077978%2C31080079%2C31080124&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cscience%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1703365859075&lmt=1703365859&adxs=0&adys=416&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&vis=1&psz=1600x5332&msz=1600x0&fws=4&ohw=1600&ga_vid=680112568.1703365858&ga_sid=1703365859&ga_hid=1233792654&ga_fc=true&dlt=1703365857653&idt=1175&prev_scp=slot%3Dsurvey%26testgroup%3D8%26id%3Dc4f735c0-a1d7-11ee-b17f-0a0ad507ed9d%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%2C80&cust_params=permutive%3D151037%252Crts%26amtgrp%3D12%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D4%252C5%252C1%252C2%252C3%26edition%3Dus%26p%3Dng%26k%3Duk%252Fuk%252Cspain%252Carchaeology%252Cfrance%252Cart%252Cpainting%252Chistoryandhistoryofart%252Cscience%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpj2f4%26co%3Drobinmckie%26url%3D%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed%26ob%3Dt%26tn%3Dfeatures%26dcre%3Dt%26rc%3D1%26rp%3Ddotcom-rendering%26s%3Dscience%26sens%3Df%26urlkw%3Dprehistoric%252Chandprints%252Cfinger%252Cmissing%252Critually%252Cremoved%26allkw%3Dprehistoric%252Chandprints%252Cfinger%252Cmissing%252Critually%252Cremoved%252Cuk%252Fuk%252Cspain%252Carchaeology%252Cfrance%252Cart%252Cpainting%252Chistoryandhistoryofart%252Cscience%26ab%3DSignInGateMainVariant-main-variant-4%252CMpuWhenNoEpic-variant%26cc%3DUS%26pv%3Dlqik1vgtl9q9iyj74x0f%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3Da1119938-b1bf-4d03-9658-9d8110482a88%26prmtvvid%3D779e064b-d9eb-46e3-9d1d-a7e6c7e638ea%26prmtvsid%3Dec37a11c-62d3-4873-8a6e-012c8d394baa%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fra%3Dfalse%26ias-kw%3DIAS_1512447_PG%252CIAS_1506123_PG%252CIAS_1509981_PG%252CIAS_1507080_PG%252CIAS_1507653_PG%252CIAS_1508970_PG&adks=2100829516&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6a419a521399b27a89023a081f44d3c32eedb3671b6222f6544bea165b6fbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
430
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7E02 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 21:10:59 GMT
expires
Sun, 22 Dec 2024 21:10:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		179 B
702 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&PageUrl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&PageReferrer=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&CanonicalUrl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
8434cc74fe8b86d61ccdfef3cde83b02347518d01e57ee002a5ec1448aa57c3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
42
content-length
179
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
elb.the-ozone-project.com/openrtb2/ 		11 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f59004936173c53797043b12849d58fb65a961f49f381fe99033ec0345aecb7

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83a3982c79c1541f-YYZ
expires
0
auction
tlx.3lift.com/header/ 		19 B
745 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.208.133.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-133-199.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
accept-ch
sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		15 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.156.253 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
253.156.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f08de299a88f8c36c3b8b49dac410fce15a9f6789e848aa3643996e3c9bba67d

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Sat, 23 Dec 2023 21:10:59 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
8463
cdb
bidder.criteo.com/ 		0
198 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=37214745820&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Sat, 23 Dec 2023 21:10:58 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
krk2.kargo.com/api/v1/ 		2 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.176.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-176-156.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
670 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208226
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d533c225ce5e7f81156c1fd744c907ddbdf01e610c967c7c685f19c31ef2e2d

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4hCFKk8kcICYCqaX7gUTikN64rQwWiRL9eLfQ1PbMK4hROv0HRfv%2FEoFCOTLmslC%2BEKO8THxQZ7eP7%2FE76y6tTya5qor0pq87PgazP3xv02QuHUx5tes8wDwDibfDicBB9LDyZy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83a3982c6da039c5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
119 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Sat, 23 Dec 2023 21:10:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fscience%2Farticle%2Fng%7C1958285a20acabd%22%3A%22300x600%2C300x250%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fscience%2Farticle%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&s=20bdeaa5-b212-4f7c-b6e3-6268e29fda0b&pv=lqik1vgtl9q9iyj74x0f&vp=desktop&lib_name=prebid&lib_v=8.24.0&us=0&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed%2Cpt2%3Dus%2Cpt3%3Darticle%2Cpt4%3Dng%2Cpt5%3Duk%2Fuk%2Cpt5%3Dspain%2Cpt5%3Darchaeology%2Cpt5%3Dfrance%2Cpt5%3Dart%2Cpt5%3Dpainting%2Cpt5%3Dhistoryandhistoryofart%2Cpt5%3Dscience%2Cpt6%3D4%2Cpt6%3D5%2Cpt6%3D1%2Cpt6%3D2%2Cpt6%3D3%2Cpt7%3Ddesktop%2Cpt9%3Dlqik1vgtl9q9iyj74x0f%7Crobinmckie%7Cfeatures&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
40929c6750201c047e62ee99423e68d97ecab43c60d316c86fe76cb2a4678981
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
919
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527
pubads.g.doubleclick.net/activity;dc_iu=/59666047/ 		42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/59666047/DFPAudiencePixel;ord=1;dc_seg=895181798;permutive=23527?
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 23 Dec 2023 21:10:59 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
bframe
www.google.com/recaptcha/api2/ Frame 8DF5 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dbe4b2d62f253cb64f7f675f3f112f98f190688ca1d62be751821c7f4aa7ff07
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZoZDleHRpcdo9hnafxvIQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZoZDleHRpcdo9hnafxvIQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 21:10:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8DF5 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 20:27:42 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8DF5 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 20:27:27 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		160 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3722&u=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&pid=Z0dtqOGW8PWJg&cb=1&ws=1600x1200&v=23.1211.1645&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad--top-above-nav%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F59666047%2Ftheguardian.com%2Fscience%2Farticle%2Fng%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
54f37d91c74ec794994462438f9760e481af46aadb2054cddf74595c69a08d48
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8a9cdb228e33f8d52a4b42c56ca26590.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
GH9CHMJ6K5CH3MVNMJAQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
160
x-amz-cf-id
hPVfdHOx1BWPmvdtbY0V1yU9bMuWnFWFwVovGRbP_65ApHIlfUeRvg==
iu3
s.amazon-adsystem.com/ Frame A5C8
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
330 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5abbb193961a4a7b0af255f4a2fc329d0c73214dad6f7cd8b2963a938bc57699
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
330
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 23 Dec 2023 21:10:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ENN0DS51TBREK0QM34GM

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 23 Dec 2023 21:10:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
35NF31JS59E1EPG52GY5
reload
www.google.com/recaptcha/api2/ Frame 8DF5 		21 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
24dd74072e87b1e0a20be11b46dc641e8aa97a5bf3b2800cd24412da629afaa1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 23 Dec 2023 21:10:59 GMT
pr
s.amazon-adsystem.com/v3/ Frame A81B 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a1b2a90037ada98147dcac5ed36115be0cb45d80f9a8f070983aab293f7b412a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2611
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 23 Dec 2023 21:10:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
18KQSQR8KP3MPTFYZ5VY
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8DF5 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 23:50:33 GMT
x-content-type-options
nosniff
age
336026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 26 Dec 2023 23:50:33 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8DF5 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:36:21 GMT
x-content-type-options
nosniff
age
344078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 26 Dec 2023 21:36:21 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8DF5 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 16:56:28 GMT
x-content-type-options
nosniff
age
360871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 26 Dec 2023 16:56:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8DF5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 08:09:52 GMT
x-content-type-options
nosniff
age
306067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2024 08:09:52 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8DF5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 06:26:21 GMT
x-content-type-options
nosniff
age
312278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2024 06:26:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8DF5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 16:24:05 GMT
x-content-type-options
nosniff
age
362814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 16:24:05 GMT
Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js
www.google.com/js/bg/ Frame 8DF5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 04:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
61612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6850
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 04:04:07 GMT
payload
www.google.com/recaptcha/api2/ Frame 8DF5 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6b9CLTZJtl5ZRqiVrKsHsqrpWwk_H_P6B-MTfJxNfQWidtAS4MX1gqOhwyXYFwRtFpE8NVkP-gYET5Orb9xavggWgvlp-TXaBzH5K1AW7qzNCD5k8iDNq1KkaOdBremWQ-SsR62xq8sc2soWmkIt0-bqUMTcRo1E22U7eNCF1Od8OnQmXaExtzw4UYHqzlebPJTVM5MZUHrrXd6OvylcIMNJMrdg&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
338b8e43f7724683fd0ebaffe6ca501420590d917702ec14bfcc3aab7371050b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdzlmsdAAAAALFH63cBVagSFPuuHXQ9OfpIDdMc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 23 Dec 2023 21:10:59 GMT
/
onetag-sys.com/match/ Frame A81B 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
usermatch
ssum-sec.casalemedia.com/ Frame E8EE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
830 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b0b4e14f9c03f01f1b4acdb1ca620441be10b369f53c166c59b7de6064add6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83a3982f197d39c5-YYZ
content-encoding
br
content-type
text/html
date
Sat, 23 Dec 2023 21:10:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhMAKptYkQGWN5vqszBYJ%2FyjZ%2F0iUV2nNbSSHkumnq0WLsNDXJATF4IY%2BcUevpGrANg0rx0BH2gE5%2FXG%2BlN9sTWAwNO8c63Dfx6PKqBKkFmpz8jACcCXQWYKrtWH5Y%2FnHlbQJrYEXEaZGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83a3982ed92c39c5-YYZ
content-length
0
date
Sat, 23 Dec 2023 21:10:59 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BXDjo7XO%2BWL10e4%2FusnNpT7i4qJYcJ46UL%2BDX5p3kdAbLOyP3GRTKjG5YFWabvRgJGQOWWWCdAscNvr1YBOmkHvMNLyqOhak7XDvuwAQJg1s8Yu9CwltlBqZgCa7DUw9q2Eoqh%2Bhng8fA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3DE4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33909
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 23 Dec 2023 21:10:59 GMT
expires
Sun, 24 Dec 2023 06:36:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
uc.html
sync.go.sonobi.com/ Frame 2C5E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e584c48516f8d75a48fef10dd53074e70a255cd86cf742f9e3c82183a527d931
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
content-length
619
content-type
text/html
date
Sat, 23 Dec 2023 21:10:59 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
x-xss-protection
0
cm
u.openx.net/w/1.0/ Frame 7E05
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
824 B
772 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
16ed36ed22117e6b7d051ffdbd4fd15d521f05c8e69c862074978a92457d47da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
469
content-type
text/html
date
Sat, 23 Dec 2023 21:10:59 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 23 Dec 2023 21:10:59 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame BCA5
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7567752064217675276&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7567752064217675276&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 21:10:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SQSJBF836T0JP9NKAQ2D

Redirect headers

content-length
0
date
Sat, 23 Dec 2023 21:10:59 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7567752064217675276&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame FD4D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=5694220248042463684&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5694220248042463684&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 21:10:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NKHDYRFV4GGVY6T5BNG7

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
71d50779-a3fa-4e93-af03-6528361ace67
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 21:10:59 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=5694220248042463684&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame 3860
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
56b3ad42c6b3a36b6637aa025bbfabd7ec4c8cc9a74e15a7a30e5fbe51345f3a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
486
Content-Type
text/html
Date
Sat, 23 Dec 2023 21:10:59 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Sat, 23 Dec 2023 21:10:59 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1dca1
sync-iframe
cs-server-s2s.yellowblue.io/ Frame EB35 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
d78a4439e2a7e90397d11d7defeb990b85024e3ee611f93587eba396b75928cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Sat, 23 Dec 2023 21:10:59 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
ecm3
s.amazon-adsystem.com/ Frame 19B3
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2654045899593000745508
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2654045899593000745508
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 21:10:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
062EC6D70SE7VE240V15

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 23 Dec 2023 21:10:59 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2654045899593000745508
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0780bc03834d0055b529c288891e65964e6a26581efa27be1d50d0e9da60f38a

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
usermatchredir
ssum-sec.casalemedia.com/ Frame E8EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYdM4wBFfCm4F5_5eTt5igAADmMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIerEFwKIjEiBNTZvSPqx4I&google_cver=1
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIerEFwKIjEiBNTZvSPqx4I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ACyUBvzGRhWChlJX%2FVrDALnUSHBKhS%2B%2BJnbpR9FM2mXgip70cRPyehVdqu6Wmd7Oqr%2BwIwSszxaZcQNHErNZyppFNlRjUnhwyDOPBw0bSWVaa1707Po%2BekrtwPSTsEvN0D0iRtEKRxrPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a398303fc13a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIerEFwKIjEiBNTZvSPqx4I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E8EE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=38340403-1dfe-4d47-97f7-199a6a56d90a&expiration=1705957859&gdpr=0&gdpr_consent=
43 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=38340403-1dfe-4d47-97f7-199a6a56d90a&expiration=1705957859&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4fnyrNz0Z3cD%2B8VpvuEBytZ66%2FUOaHRH4bub0AHlaWcu0RJ0DjWDuouFmPFfzQmW0SZV83%2BVUAMcj7rIWaxGkVEGIlfhGuNhubvBSs4LGeIKV5CT8PStXen49fCfMU%2BmkPjPDkh8dUG%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a39830a85c3a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=38340403-1dfe-4d47-97f7-199a6a56d90a&expiration=1705957859&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 21:10:59 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame E8EE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYdM4wBFfCm4F5-5eTt5igAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFrSVq5fuSqg9IL1SzK9v5vubROOpku7q9o3QWBNepBd6V2bw8jqCQzAD2CX7I0kTQs5RIvyYDWEpz7O%2FIG%2FBwzXC54zRyLVoUx2%2FWYF8vNlZOeTPOnmc%2FDf2OdioBntSnRi0PuAnAZWog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a398303fbc3a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E8EE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYdM4wBFfCm4F5_5eTt5igAADmMAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M87YM0AEM3NRWTHD91M4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E8EE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5694220248042463684
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5694220248042463684
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2B3%2BLpgn6PXmsMdIhIYCagd3JP%2BiV2pDJtceADDutOHEHGdqKyv4i7W8Byxwssch%2FJdf32XR%2Bhclo0jysaVJwr1GyCrkk3Qkh5ElN2Ot6O69S8riOxNj7Noar64NDHj83ljvXl%2FVPiYS9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a3982fba7b39c5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
an-x-request-uuid
79977c3f-621d-4feb-be0c-76dc9ffcefd7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5694220248042463684
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E8EE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3104645389375357453&expiration=1704575459
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3104645389375357453&expiration=1704575459
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEGf4Kj%2F9dgiVyRBGZfP68%2Bz5IJF2C8fEaoa07NrSkZRM2zJne43ODxn0VCpnLjw%2FyDjTgRvMDt4coi3dT%2B6tq%2BNEiYQREp%2FfgbqOVMDZLQZtzkcNc5Jxhrx8LI8s2jSK9MH9xIXDunP3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a39830a8663a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3104645389375357453&expiration=1704575459
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tp_out
d.adroll.com/cm/index/ Frame E8EE 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:1ef3:ed1e:e7cd:465 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame E8EE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABGyU7LDpoAABLqhLWj3g&expiration=1704575459
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABGyU7LDpoAABLqhLWj3g&expiration=1704575459
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzuKkKxAkU8tsFh1n2Qnk8NOAxsc1SYZH8JPFBDQpT57Uoc5ONT6w5YS7%2FehALhBrBaci3OmSjkNTugJ0hLVxavQmsWQE4DlN6NWCxuifq4x8VPNsdHXRSprz5WtkOyLrCozjajMtEsVfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a39830f8c23a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABGyU7LDpoAABLqhLWj3g&expiration=1704575459
Date
Sat, 23 Dec 2023 21:10:59 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame E8EE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZYdM4wBFfCm4F5_5eTt5igAADmMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q9TQM9RPG7CK871BX4B7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 2C5E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=44346e42-952c-4f1d-b0c0-0dc4ae970d46&google_hm=NDQzNDZlNDItOTUyYy00ZjFkLWIwYzAtMGRjNGFlOTcwZDQ2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB__9Vq3C8clc16RUZzmisw&google_cver=1&ssp=sonobi&bsw_param=44346e42-952c-4f1d-b0c0-0dc4ae970d46
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&gdpr=&gdpr_consent=&us_privacy=
49 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 23 Dec 2023 21:11:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame 2C5E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=38340403-1dfe-4d47-97f7-199a6a56d90a&pubid=91e92b73fd
49 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=38340403-1dfe-4d47-97f7-199a6a56d90a&pubid=91e92b73fd
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=38340403-1dfe-4d47-97f7-199a6a56d90a&pubid=91e92b73fd
date
Sat, 23 Dec 2023 21:10:59 GMT
server
Kestrel
content-length
227
us.gif
sync.go.sonobi.com/ Frame 2C5E
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422413570171
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422413570171
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422413570171
Date
Sat, 23 Dec 2023 21:10:59 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame 2C5E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
49 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
Date
Sat, 23 Dec 2023 21:10:59 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/ Frame 2C5E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=87e35591-8df3-4747-abf4-1581f1cca478&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=SVFRS0JTUDJUemQzeG44Ym1zNEM3Zw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEM-q52BYpQguCfhoUja8tt8&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=ww5H7KZ7SmM1
49 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=ww5H7KZ7SmM1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=ww5H7KZ7SmM1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
us.gif
sync.go.sonobi.com/ Frame 2C5E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&pi=sonobi&tc=1
49 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&pi=sonobi&tc=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&pi=sonobi&tc=1
pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT, Sat, 23 Dec 2023 21:11:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
db_sync
px.ads.linkedin.com/ Frame 2C5E
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=87e35591-8df3-4747-abf4-1581f1cca478
  • https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDg3ZTM1NTkxLThkZjMtNDc0Ny1hYmY0LTE1ODFmMWNjYTQ3OBAAGg0I45mdrAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8e99a2e17ddf6509c7dc5d24af102d845b824e6a600035ab1a9aa221be875bf5791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8e99a2e17ddf6509c7dc5d24af102d845b824e6a600035ab1a9aa221be875bf5791426b5417dce21&rand=06440152
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8e99a2e17ddf6509c7dc5d24af102d845b824e6a600035ab1a9aa221be875bf5791426b5417dce21&rand=06440152&expected_cookie=5191f927-25df-4c75-a9f3-dcf6c954eaa7
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8e99a2e17ddf6509c7dc5d24af102d845b824e6a600035ab1a9aa221be875bf5791426b5417dce21&rand=06440152&expected_cookie=5191f927-25df-4c75-a9f3-dcf6c954eaa7
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 96CCEA62ACF345F1A1A14C918F099D8A Ref B: EWR311000104047 Ref C: 2023-12-23T21:11:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNM8UGGWE9GJVsMu+XEQ==

Redirect headers

date
Sat, 23 Dec 2023 21:10:59 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8324937CB2B84914924C5493A50FD601 Ref B: EWR311000104047 Ref C: 2023-12-23T21:11:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/db_sync?pid=10339&puuid=8e99a2e17ddf6509c7dc5d24af102d845b824e6a600035ab1a9aa221be875bf5791426b5417dce21&rand=06440152&expected_cookie=5191f927-25df-4c75-a9f3-dcf6c954eaa7
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNM8UElM7znQAlgt4eeQ==
usg.gif
sync.go.sonobi.com/ Frame 2C5E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ODdlMzU1OTEtOGRmMy00NzQ3LWFiZjQtMTU4MWYxY2NhNDc4
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1
49 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 2C5E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=87e35591-8df3-4747-abf4-1581f1cca478
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=87e35591-8df3-4747-abf4-1581f1cca478
42 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=87e35591-8df3-4747-abf4-1581f1cca478
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
34.225.183.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-183-152.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-087fbd17a.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
2H3ACUeWQF8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v053-01f879bd8.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
b+tMxpcXSug=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=87e35591-8df3-4747-abf4-1581f1cca478
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/ Frame 2C5E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5694220248042463684
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5694220248042463684
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
an-x-request-uuid
866ae4b9-bf87-4fa0-a852-04f949a44b50
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5694220248042463684
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame EB35
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=2dfa34bc-acb5-4dde-8438-23483d48ac53&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=2dfa34bc-acb5-4dde-8438-23483d48ac53&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
52.89.208.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-208-126.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=2dfa34bc-acb5-4dde-8438-23483d48ac53&gdpr=0
date
Sat, 23 Dec 2023 21:10:59 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame EB35
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=87e35591-8df3-4747-abf4-1581f1cca478
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=87e35591-8df3-4747-abf4-1581f1cca478
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=87e35591-8df3-4747-abf4-1581f1cca478
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/match/ Frame EB35
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEQzNTMwM0EtRTFDRC00QjkwLTlENDktMDI2OTYzMDAwNkVD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
date
Sat, 23 Dec 2023 21:11:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame EB35
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=84bea3be-9a6a-4ed4-82b4-70603c56785b&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=84bea3be-9a6a-4ed4-82b4-70603c56785b&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=84bea3be-9a6a-4ed4-82b4-70603c56785b&gdpr_consent=null&gdpr=0
date
Sat, 23 Dec 2023 21:11:00 GMT
server
_
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame EB35
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3z3NqxxffNx8Uzl2joWy&gdpr=0&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3z3NqxxffNx8Uzl2joWy&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3z3NqxxffNx8Uzl2joWy&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame EB35
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=GH9Ulpybqdbq&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=GH9Ulpybqdbq&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=GH9Ulpybqdbq&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-qphmw
expires
-1
cksync.php
contextual.media.net/ Frame EB35 		57 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 23 Dec 2023 21:10:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sat, 23 Dec 2023 21:10:59 GMT
cs
cs.yellowblue.io/ Frame EB35
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
52.89.208.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-208-126.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703365859894067-141
cs
cs-server-s2s.yellowblue.io/ Frame EB35
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=44346e42-952c-4f1d-b0c0-0dc4ae970d46
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=44346e42-952c-4f1d-b0c0-0dc4ae970d46
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=44346e42-952c-4f1d-b0c0-0dc4ae970d46
Date
Sat, 23 Dec 2023 21:10:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame EB35
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=4dc90496-aaa5-036c-1af1-7ff266bb3b39
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=4dc90496-aaa5-036c-1af1-7ff266bb3b39
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Sat, 23 Dec 2023 21:10:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=4dc90496-aaa5-036c-1af1-7ff266bb3b39
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.yellowblue.io/ Frame EB35
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=7567752064217675276&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=7567752064217675276&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
52.89.208.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-208-126.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=7567752064217675276&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 21:11:00 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame EB35
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212299388733440
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212299388733440
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212299388733440
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame EB35
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1703365859984
  • https://ad.turn.com/r/cs?pid=45&rndcb=4571221288
  • https://sync.1rx.io/usersync/turn/2665424737501304248?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
52.89.208.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-208-126.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11599&id=RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005
date
Sat, 23 Dec 2023 21:11:00 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX695d35c2482e48e8b6d311693c4a20ea005
content-type
text/html
cs
cs-server-s2s.yellowblue.io/ Frame EB35
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5694220248042463684&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5694220248042463684&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
an-x-request-uuid
77d4aac1-6883-40e8-ba0d-c388b03efcf6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5694220248042463684&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame EB35 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=2WCbBOS-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NZMY21C4271PZN3BJRJ3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 807F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.250.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-250-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Dec 2023 21:11:00 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 23 Dec 2023 21:10:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 1190 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
ca9abaaebd181ca82fa1d8d8e39ebc0f15d4d065f87e60777fe5bb6573591c6c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1656
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=48916587-4ce4-4200-b3a7-bcaeeeed88be&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=48916587-4ce4-4200-b3a7-bcaeeeed88be&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sat, 23 Dec 2023 21:10:59 GMT
Server
MT3 1237 600843f master ord ord-pixel-x35 config_version:"146"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=48916587-4ce4-4200-b3a7-bcaeeeed88be&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 23 Dec 2023 21:10:58 GMT
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LQIK1XEQ-L-84ZE&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LQIK1XEQ-L-84ZE&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LQIK1XEQ-L-84ZE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1da0c96602e9a1076eae4f5554c05cf3
Expires
0
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5694220248042463684
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5694220248042463684
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
an-x-request-uuid
23ed61f2-fd40-47f7-97fd-a09fd7d12f87
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5694220248042463684
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703365859880081-1184
tap.php
pixel.rubiconproject.com/ Frame 1190 		42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=em_BmT7tuJFla--_km7yVxCUBdovDGouQvYjz__gSfY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4be80e63-d844-4d0b-b9a9-886e700fcf8c
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4be80e63-d844-4d0b-b9a9-886e700fcf8c
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4be80e63-d844-4d0b-b9a9-886e700fcf8c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
  • https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU6a719b07b6f445c4a5745c48eeb7cff5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU6a719b07b6f445c4a5745c48eeb7cff5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU6a719b07b6f445c4a5745c48eeb7cff5
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
155
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1190
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJiEWgfhG1N9e9gZp5bwRM3HQpJvwWkTAw
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJiEWgfhG1N9e9gZp5bwRM3HQpJvwWkTAw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJiEWgfhG1N9e9gZp5bwRM3HQpJvwWkTAw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=7567752064217675276
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=7567752064217675276
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=7567752064217675276
date
Sat, 23 Dec 2023 21:11:00 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 1190
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=em_BmT7tuJFla--_km7yVxCUBdovDGouQvYjz__gSfY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=em_BmT7tuJFla--_km7yVxCUBdovDGouQvYjz__gSfY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FRX9MQ9TDYYR63R093RV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=em_BmT7tuJFla--_km7yVxCUBdovDGouQvYjz__gSfY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTI4Q0ExQTYtODIzMC00OEYzLUJBNzYtQzUzNzhBMEZBNDMw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
date
Sat, 23 Dec 2023 21:10:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPGqJYSDUS-DGbm6yvDiWXE&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPGqJYSDUS-DGbm6yvDiWXE&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPGqJYSDUS-DGbm6yvDiWXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=qtldG2sKk1cf&ev=1&us_privacy=&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=qtldG2sKk1cf&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=qtldG2sKk1cf&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-2k2jz
expires
-1
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=707fb874b53711bb&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHE44MEr43zwNaLdYrAAAAAAA&expiration=1703452260
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHE44MEr43zwNaLdYrAAAAAAA&expiration=1703452260
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHE44MEr43zwNaLdYrAAAAAAA&expiration=1703452260
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-0h2gudZE2uFfH2EupW6_MYzNwD7jPwvIy4LDQz8-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-0h2gudZE2uFfH2EupW6_MYzNwD7jPwvIy4LDQz8-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-0h2gudZE2uFfH2EupW6_MYzNwD7jPwvIy4LDQz8-~A
date
Sat, 23 Dec 2023 21:10:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=95a0729e-2528-4d2b-83f2-20024fa7c1d5&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=95a0729e-2528-4d2b-83f2-20024fa7c1d5&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=95a0729e-2528-4d2b-83f2-20024fa7c1d5&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 21:10:59 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame 1190
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3104645389375357453&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 23 Dec 2023 21:11:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 1190 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11581&id=em_BmT7tuJFla--_km7yVxCUBdovDGouQvYjz__gSfY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.89.208.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-208-126.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7E05 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=fd1f647d-61e0-85d3-91b8-a1f72f21249a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GGTTAHYHF0HQ3DFCWEVR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
310e7e44-ede6-ac60-6061-3595b8452233
pr-bh.ybp.yahoo.com/sync/openx/ Frame 7E05 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/310e7e44-ede6-ac60-6061-3595b8452233?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a217:a1:a581:ef30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:10:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 7E05 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fd1f647d-61e0-85d3-91b8-a1f72f21249a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
211F4DWFQDWS2Q0W2QYJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7E05
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a5c91800-7d4a-3e29-51b6-23604712ef7a&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=a5c91800-7d4a-3e29-51b6-23604712ef7a&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0b4fe10d-536f-4598-bca9-06a89b923b61&ttd_puid=a5c91800-7d4a-3e29-51b6-23604712ef7a&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0b4fe10d-536f-4598-bca9-06a89b923b61&ttd_puid=a5c91800-7d4a-3e29-51b6-23604712ef7a&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0b4fe10d-536f-4598-bca9-06a89b923b61&ttd_puid=a5c91800-7d4a-3e29-51b6-23604712ef7a&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 21:10:59 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 7E05 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODlhNmNiY2EtYjQzZC02MDhkLTQ0NTYtNzlkOThkZjAyMTFh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7E05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE7DX7dEmW8MYRya5aloaNk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE7DX7dEmW8MYRya5aloaNk&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE7DX7dEmW8MYRya5aloaNk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3860 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=H3v2hPZHpRiHWZu3QaKVVlWe&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:10:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N8JB6X7PCX0Y318XJVKP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 3860
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LQIK1XFL-J-GJDI&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LQIK1XFL-J-GJDI&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LQIK1XFL-J-GJDI&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1da0c96602e9a1076eae4f5554c05cf3
Expires
0
merge
ce.lijit.com/ Frame 3860
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=H3v2hPZHpRiHWZu3QaKVVlWe&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=868538562852
43 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=868538562852
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=66&3pid=868538562852
Content-Length
0
sync
x.bidswitch.net/ Frame 3860 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 21:10:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
4ac47ff1918c5163a9cce45544663444.gif
cs.krushmedia.com/ Frame 3860
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-matching?id=3673&_fw_gdpr=0&_fw_gdpr_consent=[GDPR_CONSENT]
  • https://cs.krushmedia.com/4ac47ff1918c5163a9cce45544663444.gif?puid=[UID]&redir=[RED]&_fw_gdpr=0&_fw_gdpr_consent=%5BGDPR_CONSENT%5D
0
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.krushmedia.com/4ac47ff1918c5163a9cce45544663444.gif?puid=[UID]&redir=[RED]&_fw_gdpr=0&_fw_gdpr_consent=%5BGDPR_CONSENT%5D
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
8.2.110.134 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.krushmedia.com/4ac47ff1918c5163a9cce45544663444.gif?puid=[UID]&redir=[RED]&_fw_gdpr=0&_fw_gdpr_consent=%5BGDPR_CONSENT%5D
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703365860034057-1215
merge
ce.lijit.com/ Frame 3860
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=41de5bf8-d8bf-495b-b66a-9ed98b7a3087
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=41de5bf8-d8bf-495b-b66a-9ed98b7a3087
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=41de5bf8-d8bf-495b-b66a-9ed98b7a3087
date
Sat, 23 Dec 2023 21:11:00 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3DE4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31339100&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
389e8b376deae6b2cc3e0702d20662a1e661a0727d9352a5ae54b6cc8a5c6dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 23 Dec 2023 21:10:58 GMT
content-length
1736
content-type
text/html; charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4274935697318139&correlator=1465333699787946&eid=31077978%2C31080079%2C31080124&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cscience%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C300x250%7C300x274%7C300x600&fluid=height&ifi=2&sfv=1-0-40&sc=1&cookie=ID%3D6c33941a177814af%3AT%3D1703365859%3ART%3D1703365859%3AS%3DALNI_MaoaPgeIF2_kbmLIAwJ8JmAHnrTGw&gpic=UID%3D00000a047f87ac8a%3AT%3D1703365859%3ART%3D1703365859%3AS%3DALNI_MZaMznZ7t61lt7UyFl4CL0sgpQI-Q&abxe=1&dt=1703365859908&lmt=1703365859&adxs=1109&adys=422&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&vis=1&psz=300x1600&msz=300x2&fws=516&ohw=1600&ga_vid=680112568.1703365858&ga_sid=1703365859&ga_hid=1233792654&ga_fc=true&dlt=1703365857653&idt=1175&prev_scp=slot%3Dright%26testgroup%3D52%26id%3Dc4f783fa-a1d7-11ee-a093-0aa6593c7509%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26amznbid%3D2%26amznp%3D2%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D300x250%26hb_pb_ozone%3D0.27%26hb_adid_ozone%3D4cd5b89c7c4a38-0-oz-0%26hb_bidder_ozone%3Dozone%26hb_format_trustx%3Dbanner%26hb_size_trustx%3D300x600%26hb_pb_trustx%3D0.90%26hb_adid_trustx%3D200ba9e2767722a%26hb_bidder_trustx%3Dtrustx%26oz_size%3D300x250%26oz_adId%3D4cd5b89c7c4a38-0-oz-0%26oz_pb_r%3D0.27%26oz_pb%3D0.2757114%26oz_pb_v%3D2.9.1%26oz_imp_id%3D4cd5b89c7c4a38%26oz_uuid%3Dno-id%26oz_cache_id%3Dno-id%26oz_bid%3Dtrue%26oz_winner%3Dappnexus%26oz_auc_id%3D6211b45b-3c1b-4cdd-a490-58cd6cbeec23%26oz_triplelift_pb_r%3D0.18%26oz_triplelift_adId%3D4cd5b89c7c4a38-1-oz-0%26oz_triplelift_adv%3Dpurina.com%26oz_triplelift_crid%3D3658_151048_T18024752%26oz_triplelift%3Dtriplelift%26oz_appnexus_pb_r%3D0.27%26oz_appnexus_adId%3D4cd5b89c7c4a38-0-oz-0%26oz_appnexus_adv%3Dfellucagaragedoors.com%26oz_appnexus_crid%3D300683886%26oz_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_deal_trustx%3DG-TRUSTX-b827d08da2714822%26hb_deal%3DG-TRUSTX-b827d08da2714822%26hb_size%3D300x600%26hb_pb%3D0.90%26hb_adid%3D200ba9e2767722a%26hb_bidder%3Dtrustx%26hb_ds%3Dtrustx&cust_params=permutive%3D23527%252C54759%252C83434%252C88411%252C123518%252C131644%252C151037%252C174902%252Crts%26amtgrp%3D12%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D4%252C5%252C1%252C2%252C3%26edition%3Dus%26p%3Dng%26k%3Duk%252Fuk%252Cspain%252Carchaeology%252Cfrance%252Cart%252Cpainting%252Chistoryandhistoryofart%252Cscience%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpj2f4%26co%3Drobinmckie%26url%3D%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed%26ob%3Dt%26tn%3Dfeatures%26dcre%3Dt%26rc%3D1%26rp%3Ddotcom-rendering%26s%3Dscience%26sens%3Df%26urlkw%3Dprehistoric%252Chandprints%252Cfinger%252Cmissing%252Critually%252Cremoved%26allkw%3Dprehistoric%252Chandprints%252Cfinger%252Cmissing%252Critually%252Cremoved%252Cuk%252Fuk%252Cspain%252Carchaeology%252Cfrance%252Cart%252Cpainting%252Chistoryandhistoryofart%252Cscience%26ab%3DSignInGateMainVariant-main-variant-4%252CMpuWhenNoEpic-variant%26cc%3DUS%26pv%3Dlqik1vgtl9q9iyj74x0f%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3Da1119938-b1bf-4d03-9658-9d8110482a88%26prmtvvid%3D779e064b-d9eb-46e3-9d1d-a7e6c7e638ea%26prmtvsid%3Dec37a11c-62d3-4873-8a6e-012c8d394baa%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fra%3Dfalse%26ias-kw%3DIAS_1512447_PG%252CIAS_1506123_PG%252CIAS_1509981_PG%252CIAS_1507080_PG%252CIAS_1507653_PG%252CIAS_1508970_PG&adks=150855970&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb91ab33699c1416dede34ec259118193ff32e677f76b12e317c6a3ea2886b69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13900
x-xss-protection
0
google-lineitem-id
6407185678
pragma
no-cache
server
cafe
google-creative-id
678493499177
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
744 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&tmax=1500&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.208.133.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-133-199.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
krk2.kargo.com/api/v1/ 		2 B
467 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.176.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-176-156.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
trinity.json
apex.go.sonobi.com/ 		1005 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F59666047%2Ftheguardian.com%2Fscience%2Farticle%2Fng%7C286ce0535e5a36e%22%3A%22970x250%2C728x90%7Cgpid%3D%2F59666047%2Ftheguardian.com%2Fscience%2Farticle%2Fng%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&s=ab3d0c06-009b-4531-8a40-692bae9efe50&pv=lqik1vgtl9q9iyj74x0f&vp=desktop&lib_name=prebid&lib_v=8.24.0&us=0&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22theguardian.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theguardian.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gmgt=sens%3Df%2Cpt1%3D%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed%2Cpt2%3Dus%2Cpt3%3Darticle%2Cpt4%3Dng%2Cpt5%3Duk%2Fuk%2Cpt5%3Dspain%2Cpt5%3Darchaeology%2Cpt5%3Dfrance%2Cpt5%3Dart%2Cpt5%3Dpainting%2Cpt5%3Dhistoryandhistoryofart%2Cpt5%3Dscience%2Cpt6%3D4%2Cpt6%3D5%2Cpt6%3D1%2Cpt6%3D2%2Cpt6%3D3%2Cpt7%3Ddesktop%2Cpt9%3Dlqik1vgtl9q9iyj74x0f%7Crobinmckie%7Cfeatures&us_privacy=1YNN&coppa=0
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ccc15abfb0265e917e08be4ba8ff9939814cb9a043b865b3788013c1b8160f7b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:10:59 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
514
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.156.253 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
253.156.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cea2177bbfab01f2f8385edf7d1723bed1bf3744240131d9fda7f7348adaa4b6

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Sat, 23 Dec 2023 21:11:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208226
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ecd7f8b9cb09afedef3262c0990f74cf152e6e8f96f4e87f187952f266f57a1

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0bPh4F84a7Og2XZA9iH1zSXQhgxdpzEz59bsC9sJI0KrbfGDen1AsFNjxhvqjLb%2F1ku%2BPpSimvaZqLdZu9wu8h5QiUH75TUHOCcm6AKpBdhD6uxv%2FYs1JeVveV5dswuSSeCklrN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83a39830c87f3a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
elb.the-ozone-project.com/openrtb2/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9b1a33ad0c70867cb1e3dff6c3f123bcffd1019276ca87b191140a9c867bf6

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83a39830cf87541f-YYZ
expires
0
translator
hbopenbid.pubmatic.com/ 		0
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Sat, 23 Dec 2023 21:11:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=12502354282&lsavail=1
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theguardian.com
date
Sat, 23 Dec 2023 21:10:59 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
dcm
s.amazon-adsystem.com/ Frame A455 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 21:11:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K4Q8TPQ9GE805TQZG43R
ecm3
s.amazon-adsystem.com/ Frame 4DCE 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 21:11:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5GAYGTPATZP74H2J9AW7
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3DE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oWKt-bm7RVGDMme8veux0Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=33908
accept-ranges
bytes
content-length
5622
expires
Sun, 24 Dec 2023 06:36:08 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 3DE4
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1c158477-681d-4934-afe1-16ac1db45bfb%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0b4fe10d-536f-4598-bca9-06a89b923b61&ttd_puid=1c158477-681d-4934-afe1-16ac1db45bfb%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0b4fe10d-536f-4598-bca9-06a89b923b61&ttd_puid=1c158477-681d-4934-afe1-16ac1db45bfb%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0b4fe10d-536f-4598-bca9-06a89b923b61&ttd_puid=1c158477-681d-4934-afe1-16ac1db45bfb%2C%2C
date
Sat, 23 Dec 2023 21:11:00 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 3DE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 3DE4 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 23 Dec 2023 21:10:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 3DE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTE2MkFERjktQjlCQi00NTUxLTgzMzItNjdCQ0JERUJCMUQx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
date
Sat, 23 Dec 2023 21:10:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 3DE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDINY2uDARK5EzKscez5rY4&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
date
Sat, 23 Dec 2023 21:10:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame 3DE4
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B0E86E2759B948DD8B2C3AF0A9CA22FF
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B0E86E2759B948DD8B2C3AF0A9CA22FF
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 21:11:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 23 Dec 2023 21:11:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B0E86E2759B948DD8B2C3AF0A9CA22FF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 21:11:00 GMT
/
onetag-sys.com/match/ Frame 3DE4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0b4fe10d-536f-4598-bca9-06a89b923b61&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
date
Sat, 23 Dec 2023 21:10:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3DE4 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A162ADF9-B9BB-4551-8332-67BCBDEBB1D1?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-onetag_pm-db5_snb_ox-db5_smrt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a217:a1:a581:ef30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.js
eus.rubiconproject.com/ Frame 807F 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.250.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-250-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 21:11:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 12:00:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53331
Connection
keep-alive
Content-Length
13200
Expires
Sun, 24 Dec 2023 11:59:51 GMT
khaos.json
token.rubiconproject.com/ Frame 807F 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 23 Dec 2023 21:11:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600028-LCY, cache-yyz4530-YYZ
server
nginx
x-timer
S1703365860.330758,VS0,VE100
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
04fe268426eba234962a32b98c6cf614d2dc92a2
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
usage
api.permutive.com/v2.0/tpd/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd/usage?k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4274935697318139&correlator=1465333699787946&eid=31077978%2C31080079%2C31080124&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1YNN&iu_parts=59666047%2Ctheguardian.com%2Cscience%2Carticle%2Cng&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C2x2%7C728x90%7C940x230%7C900x250%7C970x250%7C88x71&fluid=height&ifi=3&sfv=1-0-40&fsbs=1&sc=1&cookie=ID%3D6c33941a177814af%3AT%3D1703365859%3ART%3D1703365859%3AS%3DALNI_MaoaPgeIF2_kbmLIAwJ8JmAHnrTGw&gpic=UID%3D00000a047f87ac8a%3AT%3D1703365859%3ART%3D1703365859%3AS%3DALNI_MZaMznZ7t61lt7UyFl4CL0sgpQI-Q&abxe=1&dt=1703365860308&lmt=1703365860&adxs=0&adys=12&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&vis=1&psz=1600x90&msz=1600x90&fws=516&ohw=1600&ga_vid=680112568.1703365858&ga_sid=1703365859&ga_hid=1233792654&ga_fc=true&dlt=1703365857653&idt=1175&prev_scp=slot-fabric%3Dfabric1%26slot%3Dtop-above-nav%26testgroup%3D54%26id%3Dc4f7ab21-a1d7-11ee-b60d-0e6c08af59fb%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%26grm%3D40%2C50%2C60%2C70%26amznbid%3D2%26amznp%3D2%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D728x90%26hb_pb_ozone%3D0.27%26hb_adid_ozone%3D354a18246987184-0-oz-0%26hb_bidder_ozone%3Dozone%26oz_size%3D728x90%26oz_adId%3D354a18246987184-0-oz-0%26oz_pb_r%3D0.27%26oz_pb%3D0.2757114%26oz_pb_v%3D2.9.1%26oz_imp_id%3D354a18246987184%26oz_uuid%3Dno-id%26oz_cache_id%3Dno-id%26oz_bid%3Dtrue%26oz_winner%3Dappnexus%26oz_auc_id%3D6a886999-45ac-42b6-acc7-13103aeaf20b%26oz_appnexus_pb_r%3D0.27%26oz_appnexus_adId%3D354a18246987184-0-oz-0%26oz_appnexus_adv%3Defashleyinsurance.com%26oz_appnexus_crid%3D206000979%26oz_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.27%26hb_adid%3D354a18246987184-0-oz-0%26hb_bidder%3Dozone&cust_params=permutive%3D23527%252C54759%252C83434%252C88411%252C123518%252C131644%252C151037%252C155919%252C174902%252Crts%26amtgrp%3D12%26fr%3D1%26consent_tcfv2%3Dna%26rdp%3Df%26pa%3Dt%26ct%3Darticle%26su%3D4%252C5%252C1%252C2%252C3%26edition%3Dus%26p%3Dng%26k%3Duk%252Fuk%252Cspain%252Carchaeology%252Cfrance%252Cart%252Cpainting%252Chistoryandhistoryofart%252Cscience%26sh%3Dhttps%253A%252F%252Fwww.theguardian.com%252Fp%252Fpj2f4%26co%3Drobinmckie%26url%3D%252Fscience%252F2023%252Fdec%252F23%252Fprehistoric-handprints-finger-missing-ritually-removed%26ob%3Dt%26tn%3Dfeatures%26dcre%3Dt%26rc%3D1%26rp%3Ddotcom-rendering%26s%3Dscience%26sens%3Df%26urlkw%3Dprehistoric%252Chandprints%252Cfinger%252Cmissing%252Critually%252Cremoved%26allkw%3Dprehistoric%252Chandprints%252Cfinger%252Cmissing%252Critually%252Cremoved%252Cuk%252Fuk%252Cspain%252Carchaeology%252Cfrance%252Cart%252Cpainting%252Chistoryandhistoryofart%252Cscience%26ab%3DSignInGateMainVariant-main-variant-4%252CMpuWhenNoEpic-variant%26cc%3DUS%26pv%3Dlqik1vgtl9q9iyj74x0f%26si%3Df%26bp%3Ddesktop%26skinsize%3Dl%26inskin%3Df%26prmtvsdk%3Dweb%26puid%3Da1119938-b1bf-4d03-9658-9d8110482a88%26prmtvvid%3D779e064b-d9eb-46e3-9d1d-a7e6c7e638ea%26prmtvsid%3Dec37a11c-62d3-4873-8a6e-012c8d394baa%26prmtvwid%3Dd6691a17-6fdb-4d26-85d6-b3dd27f55f08%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fra%3Dfalse%26ias-kw%3DIAS_1512447_PG%252CIAS_1506123_PG%252CIAS_1509981_PG%252CIAS_1507080_PG%252CIAS_1507653_PG%252CIAS_1508970_PG&adks=3202454900&frm=20
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7acd5c910e45d01aca6a7164dcbeb3fd1cb73fb22b87024f8b8cd89e7aaadfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13939
x-xss-protection
0
google-lineitem-id
6407185678
pragma
no-cache
server
cafe
google-creative-id
678493475021
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theguardian.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.yellowblue.io/ Frame 807F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LQIK1X6U-1H-9UYC
  • https://cs.yellowblue.io/cs?aid=11590&id=LQIK1X6U-1H-9UYC
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LQIK1X6U-1H-9UYC
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Server
52.89.208.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-208-126.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LQIK1X6U-1H-9UYC
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
container.html
25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4858 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 21:10:59 GMT
expires
Sun, 22 Dec 2024 21:10:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hb
api.nextgen.guardianapps.co.uk/commercial/api/ 		0
93 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.nextgen.guardianapps.co.uk/commercial/api/hb
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.111 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-gu-backend-app
commercial
x-cache
MISS, MISS
x-served-by
cache-lcy-eglc8600045-LCY, cache-yyz4530-YYZ
server
nginx
x-timer
S1703365860.416478,VS0,VE99
x-gu-geolocation
country:US
x-gu-frontend-git-commit-id
04fe268426eba234962a32b98c6cf614d2dc92a2
access-control-allow-origin
https://www.theguardian.com
cache-control
private, no-store, no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Accept,Content-Type
x-cache-hits
0, 0
pixel
cm.g.doubleclick.net/ Frame 807F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2UzMmNlN2E1OTBjYmNjZDkyOGNmYTg5YWMwZjEwZDMxOWU0ODMxYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2UzMmNlN2E1OTBjYmNjZDkyOGNmYTg5YWMwZjEwZDMxOWU0ODMxYQ
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2UzMmNlN2E1OTBjYmNjZDkyOGNmYTg5YWMwZjEwZDMxOWU0ODMxYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 807F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIK1X6U-1H-9UYC
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIK1X6U-1H-9UYC
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 833D2620ADB443F29ADF5B89F138D6E8 Ref B: EWR311000104047 Ref C: 2023-12-23T21:11:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNM8UKBmBvmIZiOJWO7A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIK1X6U-1H-9UYC
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 807F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAvYeTklzxafLAuVEbVLGZQ&google_cver=1
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAvYeTklzxafLAuVEbVLGZQ&google_cver=1
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAvYeTklzxafLAuVEbVLGZQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 807F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0b4fe10d-536f-4598-bca9-06a89b923b61&gdpr=0&gdpr_consent=&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0b4fe10d-536f-4598-bca9-06a89b923b61&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0b4fe10d-536f-4598-bca9-06a89b923b61&gdpr=0&gdpr_consent=&expires=30
date
Sat, 23 Dec 2023 21:11:00 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 807F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TfYyiRCMRLat2QsomQhisQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TfYyiRCMRLat2QsomQhisQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TfYyiRCMRLat2QsomQhisQ
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3KGVJCQGPV5M2962D7G2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TfYyiRCMRLat2QsomQhisQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 807F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFJSzFYNlUtMUgtOVVZQw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBVcBp55ET6JzPpiwKlvV84&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJSzFYNlUtMUgtOVVZQw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJSzFYNlUtMUgtOVVZQw==&google_push=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJSzFYNlUtMUgtOVVZQw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 807F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQIK1X6U-1H-9UYC&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQIK1X6U-1H-9UYC&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8D3V28ETWDWAYR7H9M94
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQIK1X6U-1H-9UYC&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 807F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6XEFB2X7B03MVC5CXBSS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 807F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Z8gg_jK_6G8lP8sdHDSJKcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FNyr0mRE2oK01y8OnswOczq_UTXByhTQxzplpA--~A
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FNyr0mRE2oK01y8OnswOczq_UTXByhTQxzplpA--~A
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 23 Dec 2023 21:11:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FNyr0mRE2oK01y8OnswOczq_UTXByhTQxzplpA--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 807F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABGyU7LDpoAABLqhLWj3g&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABGyU7LDpoAABLqhLWj3g&expires=30
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABGyU7LDpoAABLqhLWj3g&expires=30
Date
Sat, 23 Dec 2023 21:11:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 807F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQIK1X6U-1H-9UYC
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIK1X6U-1H-9UYC
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIK1X6U-1H-9UYC&ckls=true&ci=5YMxk933dQ&nc=false&trid=-95158702
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIK1X6U-1H-9UYC&ckls=true&ci=5YMxk933dQ&nc=false&trid=-95158702
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Server
18.173.219.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-124.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
via
1.1 687f50ed8be10041d824dc8ad7bb0622.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
6dko0Yftp6M1-e6LJIbL87X8Z8yDlJTXcXrfEvd2Lvxkln-BSl0YUw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
via
1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIK1X6U-1H-9UYC&ckls=true&ci=5YMxk933dQ&nc=false&trid=-95158702
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
UqiEwShn_aM-C0jhQYUt8KtiOYNcTMN9aDl_D_1ItU_8R1VjodHnGg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 807F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQIK1X6U-1H-9UYC
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQIK1X6U-1H-9UYC
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Server
34.198.29.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-29-92.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQIK1X6U-1H-9UYC
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 807F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIK1X6U-1H-9UYC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIK1X6U-1H-9UYC
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:00 GMT
an-x-request-uuid
685b2ec7-3d4b-472e-88bd-d4dbb8df3784
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIK1X6U-1H-9UYC
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 807F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQIK1X6U-1H-9UYC
0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQIK1X6U-1H-9UYC
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:00 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQIK1X6U-1H-9UYC
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
cksync
hb.yahoo.net/ Frame 807F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQIK1X6U-1H-9UYC&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQIK1X6U-1H-9UYC&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1MUXpoY3JSRTJ1R0VVZFRmX1NBeU9leEJZY0U4R2x3dn5B&ovsid=LQIK1X6U-1H-9UYC&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1MUXpoY3JSRTJ1R0VVZFRmX1NBeU9leEJZY0U4R2x3dn5B&ovsid=LQIK1X6U-1H-9UYC&dpid=58160
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
H2
Server
23.40.179.31 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-179-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 23 Dec 2023 21:11:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sat, 23 Dec 2023 21:11:00 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1MUXpoY3JSRTJ1R0VVZFRmX1NBeU9leEJZY0U4R2x3dn5B&ovsid=LQIK1X6U-1H-9UYC&dpid=58160
date
Sat, 23 Dec 2023 21:11:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 807F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=2d69c003-0441-4838-bfb1-76c558b7499b&expires=30
42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=2d69c003-0441-4838-bfb1-76c558b7499b&expires=30
Requested by
Host: www.theguardian.com
URL: https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=2d69c003-0441-4838-bfb1-76c558b7499b&expires=30
Date
Sat, 23 Dec 2023 21:11:01 GMT
Connection
keep-alive
X-CI-RTID
a37c88c6-8fac-4b56-bd9d-a079c298dd31
Content-Length
144
Content-Type
text/html; charset=utf-8
container.html
25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 99AA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 21:10:59 GMT
expires
Sun, 22 Dec 2024 21:10:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		98 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-18615"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:11:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5502 		624 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYhP_m-wEwAQ&v=APEucNUs3UAQn-O5KB6_I5X9fRb8H1ZK7uyCpByt08ZbFaySS6tcp4Tic1sVNjsbRPbJ1hVo8qqxCmQmQqvklzWdmEtS86pydw
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 21:11:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4858 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 21:11:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4858 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlBdUN4U_7Hp5WVnySGvoay-PdtuANZ90RY4dtJPZqbmkU7nxltDvjftJbbEoPVVzNh0np6HYoDOL_2NFo0wgGwzI0Eat7dxQs3tPPhaW0uAaYgBE
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4858 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 22:08:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
82938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 22:08:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4858 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 22:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
82937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 22:08:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4858 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 21:11:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 05E9 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIY4YXn-wEwAQ&v=APEucNWmPD5JVKH73fVvEblAvkjKL2N0PRKDysOjvNiRa5XfottjMWn3OnXVXN5aGwIOIri6hjaQFgYjXbbIPP3MdfINEkRIAw
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 21:11:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 99AA 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 21:11:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99AA 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BqFwUltx6DxS1A-_HHiV3HtLRY013E6AA_hO07CKnNuecgQ94kW0f5rMYNTAicHSJAWjXcvMD1OKRJXBAlmuqCKx9gDbGz91-wstNQIAdOzKLXS0U
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 99AA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 22:08:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
82938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 22:08:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 99AA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 22:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
82937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 22:08:44 GMT
l
www.google.com/ads/measurement/ Frame 99AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTY2iyQZxiU61xBgppsnbOF8ujjCK4A8tUCZmRy2l4UDswBuohFNtXBAMwu80KScJ7llWHEY7GLdO0NKIH84EAGbGfZnA
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 99AA 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 21:11:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 5502
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYhP_m-wEwAQ&v=APEucNUs3UAQn-O5KB6_I5X9fRb8H1ZK7uyCpByt08ZbFaySS6tcp4Tic1sVNjsbRPbJ1hVo8qqxCmQmQqvklzWdmEtS86pydw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujVAeAzVjYYngKHqLJJqtnyNfyjKM1IrbPqu6IAbNp7XWiv4eHbuDdE0TGXW1hrkIRrXU%2Fzv5Yt0be46nSNGd760f%2FGdTml3gT3Oq9CyBmPEuPRmmnESmCjYL8KHWIKfLHglPC0zMGkJoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a3983a1df23a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5502
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYdM4wBFfCm4F5-5eTt5igAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYhP_m-wEwAQ&v=APEucNUs3UAQn-O5KB6_I5X9fRb8H1ZK7uyCpByt08ZbFaySS6tcp4Tic1sVNjsbRPbJ1hVo8qqxCmQmQqvklzWdmEtS86pydw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EURtbgC1iVfSOnUi9eKejOdnmzikRBS5NLYAR0PCUb%2FAoTleWYXlb5twWFx4Wyr9w3TrftdZJK7r3cuJWP96KHjYMb41bX06vZ8Q62T1aTcN5FD93nHxZGF2BbZRQHIloGUDWfcNWO%2FZBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a3983a5e593a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5502
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAXzG3-ANa-LWOCRFHk6akM&google_cver=1
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAXzG3-ANa-LWOCRFHk6akM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYhP_m-wEwAQ&v=APEucNUs3UAQn-O5KB6_I5X9fRb8H1ZK7uyCpByt08ZbFaySS6tcp4Tic1sVNjsbRPbJ1hVo8qqxCmQmQqvklzWdmEtS86pydw
Protocol
H2
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
an-x-request-uuid
ef63031c-a8ff-4f18-ab1c-77c2e6d4f569
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAXzG3-ANa-LWOCRFHk6akM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5502
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYhP_m-wEwAQ&v=APEucNUs3UAQn-O5KB6_I5X9fRb8H1ZK7uyCpByt08ZbFaySS6tcp4Tic1sVNjsbRPbJ1hVo8qqxCmQmQqvklzWdmEtS86pydw
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
an-x-request-uuid
12138059-86a3-4a46-9183-2960602e334c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 05E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
43 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIY4YXn-wEwAQ&v=APEucNWmPD5JVKH73fVvEblAvkjKL2N0PRKDysOjvNiRa5XfottjMWn3OnXVXN5aGwIOIri6hjaQFgYjXbbIPP3MdfINEkRIAw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdJJNPHxCsgXMlET%2BzCCZ%2B%2FcWdn5%2By%2B4GqriT%2FKBYjBwF6z8zMie0insQo7spImIKJtEsRZNIcvp0637YZS4qgzvx7m4Gy52hu6vuiiRfnYPs6EfuW%2BF2whRncDg%2Bsy9OLpelPjVUgAaQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a3983a1df53a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 05E9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYdM4wBFfCm4F5-5eTt5igAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
43 B
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIY4YXn-wEwAQ&v=APEucNWmPD5JVKH73fVvEblAvkjKL2N0PRKDysOjvNiRa5XfottjMWn3OnXVXN5aGwIOIri6hjaQFgYjXbbIPP3MdfINEkRIAw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ja6Bhz8IOYYv2unA9eYeyJp0Ooak74D9YeJoeRwZemFpqCGzDxCYVLN%2FY%2BfVrfodeLIa4SJZmBOM6qYBL80mLKEVMU2jhJUOcX1TLB%2BUVtAN25tg5U2BtA3Yurq0QtlUiSTRYKUY8WDU7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a3983a5e5a3a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENi8rP1HZfDK6jiB8BAhKVc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 05E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAXzG3-ANa-LWOCRFHk6akM&google_cver=1
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAXzG3-ANa-LWOCRFHk6akM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIY4YXn-wEwAQ&v=APEucNWmPD5JVKH73fVvEblAvkjKL2N0PRKDysOjvNiRa5XfottjMWn3OnXVXN5aGwIOIri6hjaQFgYjXbbIPP3MdfINEkRIAw
Protocol
H2
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
an-x-request-uuid
ef511477-2eb2-4a2f-b3fb-2cdfb80cee47
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAXzG3-ANa-LWOCRFHk6akM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05E9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIY4YXn-wEwAQ&v=APEucNWmPD5JVKH73fVvEblAvkjKL2N0PRKDysOjvNiRa5XfottjMWn3OnXVXN5aGwIOIri6hjaQFgYjXbbIPP3MdfINEkRIAw
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
an-x-request-uuid
12b3348b-6e51-45e4-9e9a-82fdea587aaa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.145.js
static.criteo.net/js/ld/ 		98 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.145.js
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-18615"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:11:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4858 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3925438880802&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4858 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3925438880802&version=m202309260101&ct=76&x=1&cor=716646912007210400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4858 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DW_8YoVOu6tFs9dLDSUjFU60haeZ4eijnlLMLKIFqhQCl4dilKfzt3SF61HmMUsr5EJizyzPP3vN4Z6ZVKSC6L1GgN6JjVPDuT5stqtqqTOE7VJvgsZ3bVWLbxFxbpbuVvPK4TUD9e8BxD1hps0U8ZVYYDQNvcgi8pdm9jzLbbnf6-xFc&dbm_d=AKAmf-BZPmqt05w-5F3eBRecT9rpDF0WNJEda_ihRoRNpJbt9geGC5Rpgl3m3WJbGBAjdqur_wOvP1G5PHIi1HKzBbPsOnHMLXzWvitiTbIk2Kxg5cdfYwzhV3b0YJjLsYinarHI3WcuygJdxdIRsk6BYxiTFYR0UsBOB1vE9gW2LyconJfq2A6tPq5MQzD-aVPKlK1tQzmoBFkKvk5_36lAYhoMQ_yrDvfpIwIf6tbaYp2098AaJRaUdvzfS1t-4TzlAApM0fOUZqnOo_sDLnJa-uQBrZziBYb0THIg_uCUtSO7xq6acC1JP_LPC7D0Qb3t2g6NuPodWem4i4x1xRZbRGJH-qRjWY1D0dP3CfB5WwVNSHGUnIQC-x1DGOU1_pbFUIy73K9c1lVQVENAC95dgF7vofRDQ__CpENvtZe06dTr65WZTnH425gI7mb6UVPtyIUxAAzIEnjhU45j6B55nsHyfcHeoAH36fkv0cbYh1IIEY_xUUdL1zRsU51NA5c1B7hCPGwyHDOGIApqgzBSMACDUAdWUmqDePx0P9Pnslzhgh1iUPQeTfUkRxQLgqRKjL-S63wbzVQdXdcFsrRdv9U_A8yp94guV5YFEyJ9IEUtmOh1fdXhp4mzDCiPU7zeLy2wjFeE2thUe2nH0PNvpx_eVwAUK4YdKc8TIYZNftY9zemz-OlQlCw2ljia7o7AaJ_ok8nJuZqMefjoIMnrHnBX7LSZ6HQ7x0TxvplAeLV5ZIeYRRGD6yXNusRrj6Bt-BaTevFjUfY_vjjzKQQ1XZpszY_LHSL-iBuu8e8XnN5tt3bULY-FlcNJn3stpISRiPdSCPHHYZgo2aeca-AuB031VCazI1eKFWE5IjoXjL-IhYQhw2usiPGRHaiYaQwfZC1wc_hBiuF9NKcRM3-e6k-eHnewZjq-dPsAhW_OAYlVXKQ1yaMvQs9ac8kYgY1bGlSKYcDLLwvYdeGUDIwIBoxxuYkp8cTe6---2cSopCBv9zQVhYHH6tfVGL1Bt-8JFsEZRHuJg9xuTYlshfOL4cd6zJo6qFEakgkJhPk75cluJksRG4ClseT6Ls0I61aMEHVyS-uhoxiYvZlaBlRWZ9jlzbBrVIPCJUbgpp-PB8ljDpI4WLRihGC_YVIUnsK6xLgdSerjM2UCcgD_bBxZgaKxsqNDowtm_d1BjwLpbWBcXUimsc5B_43LYmhSaOEFEj3nwD0lWEbPJJYre67ofpHz3TwERgRUjfsp_24i9C8J0H-yAF3Kwv633_dvU1Trq2Ty8KVZb4q2Tb8f01KJ5ieOx3v_dTUunSLy72hTeseF46KxuQtNlSGtRiGax7C32_WVLzPuVRyVI7cNNP_g4354hVSIKE1qiLgKWfRkeDZJ3TPjsN44Tk4bGJqg8CBLQs9fBPD1zIsmvm9YJpMIKZIkzPhqkpCNlxjhqusCHAXlhhz_Y5iujFEMzjXVnnq144aU5Z0tk3P_iiliRGhTZuUd3Dc-_qtspWmYxKEKYhO4doIqXwBQPLU9s-mFnw-5PXOJZOPx74YGtg8lMLyQlCm7gMJ65Nkbnlmt6ByHg2d5yN5ewvK-ThOhhlyUg-uWmhu1_w2RWPc5s2blaGawKfmQK-Lr1ZUh1s6q7n_yRT7giY5yBsdr9x_MsnjhV20t37Xwa9s9rxqcP-wAvDKgU-QwMkoQpPGSYGcqQMaXg6CXHhv_emdpQ9stCUi07CuIPMyQVP6NcO5-xYVnLpbnGQg3ap0X6AMUEztbVeLt8X6c8ywmNsIDfvkumG74ZrzftwPC5I8kPUoUNWblPsNmVHiEkoRenSa96S1cfYSP938zSiqmtY4jiJ2qe1AYw4D8s9aYEVU3VEPKjaHos80ZravUPGVVopuD-jgczTnhXnICk18RSUcFqPh27ybPUxzv4xGB7Dh794W-xL8pVE3ezJHGtEuAXVeVwSXO4ihocgNlRPJjT0kQMhXI3Vx6c6N0xskPThY0IIMdTd0PJcl0QqBHPaBT6XvU3PKmT_gWXqz3kcwf1sN7yLkuo_QwyxO8aWMZnZrWQNU7tl6kamEWM3JbZSjkWemNZjN7Cj12DEm4k_PGgimhzCRoGK6GrRfAxEJB58knGGsR9_H5nbpb2sU5chfAAJ_yE-xKkCwyCz0IO5D12PhDrM12mImfX8-vcvpe-zG-7qgJYxsH7sCKkGIe81SKoIhSo-iyxrVs1f6yb2wN_XUvOHdnWM8FMyabvrbH8hrozNxHBLx5WUxNrvJMJYLdWiDO59nzq7gaTyG44aQ8rRth10UaiSJREbRXvZ2VaHi8NnyylcI3V2HcKRHPhgQrk3S4q01fWH-Tev9OtWg3oiONv2v0U5wyaS0lCr8kr7VxST_79criQj1oVu0kAkWS7yVrh25WM3DUO0why9aFyMKIJVEhaSrqSLf8Pj0I4nTD-JgGcIA0wrH5iub2C3m92TNCCRH6NUXffXMcjaBa-4oWFqibVAFaHOzBJjDLYWXeBCYzlzBbVFHYatej1DpGZMmuP075SkYZFs97Fu8bAy2hrkGeUqVHfbMWbPr8acsUIvBgXI8laOFVRh2j1IGayLHhYplF3g4szdQfH5o11r5zJ17uUTIbbV1ezeoOXBmEzKW9jwxcSWRw6428cf1VKBY9iuHWNnm1CjtrteDxntEudtv1JUdIBuprbmyyHLXsbdtjEFub9pLjS-UZY1wooWZRHrwDD1a_YNLprnKXvKYvgpb2ZLm4VZs03FqnKsUQrbIjqZ-qx4Xm5zuF1l2AOXmRIuj4VzB35Cvo3uW3Ut8tdfo-iRzVO5wRkE00D_gfs7p4CAFb7d_6p-A_TXpVerM1l4wyKjqQh8kU34BUdLjCxnkNxgmpRasEr0X0-rkcNiAYzKP4XydC9ebzENFGwxZxVLwJju25NMky9BYiDnTygXB3RXZ7HBfbVGpMpmdSYSds-Yd6GozGgGscv4wTfsKPtQweg80qCl_hV1zeqr3jTlT9vEuHoMKiODqInMLGTX8kM2nvXuHbpgP8u_YEH9RSwR-2Rh3gvlOK40ku-aeFLWasGrDXxk6_7BcutTfX5hwK873ycq3l9ZOXvbXKdQ4ZU9izs1wLaUAlgbguEfi9gn78VyzRnNvLHqijpc6_zXkrgKbA2H0KxPwOkz_Qa5YrXCXpTx_R1ScKQufT_g09TZ2FwcfFOIWqp75h-dekHjs8bWOHrdsDTI8xiANe5qN5pAaignxh6sTGCJYX5b-36v45MD1SDt6tUcTv1uanvfek9bYTlB_VId-i-pNYKoTDx3mAh7FyKH5OgY3Du05aTj2ahDkNyi5V3AqW-Qpk92Pblx4k-EeyAq6I8LDUXlkZwkQc44tZkF5Hh0f0yXPZTDk_BRD_YuWvLPRsP3x6sjPJRRPWKMFRHYSVrkni6pvtbnZFHakhsM1OLtrV-gbLsNrXl0721uaWgItGFYWpZ2dshxgNNh3k3_CwIpi49aW88fwsetwhQ4OjcB3s2VNpjRgUPOVOmQL0IxM0ksK-6kVbRGBaBJzBQA7B1boPbuEsw6eHPCLW-wGgBFWKmqzWkaKFK5aRlbn6snoXiarFmkbGha3JbCrBQVfztNNuuFTbj8dSCvlTdUYRHsA7DHYmaHsHpIyq3yfXr6UpwSX8E__IdYRWmsV33A23QToMvxet5qcWmUj5UevUF0JEChjHMcyAERAbv1FxPcVnjEmtKQOGz2i_rGREpWWUflr5EPFF_nNInKUnVeFxgFpoxW4G0F5h2GuTepuPgXUNPWve6yqVwr60dLg2Xx7izW4t_U48h6QKHs35n1bfk9tPhMVHlNMzidK8n9KxmOqOMlwXQn9xnb8U7tXrN1wdBlbtFBkkqCwaCwzS8a35UvmGbIxTeZfn_x4jwLuBcjO2sZZBVcijGaJHWibr3u2PmF-4tZtOZT9NX8wSvlsCjw_uGO6Juv0EmMa_FdWMVEc1kHOq39JdnF5_oi-42UOZSAdprxnfMkH-oYERQ_dg1kOS9rWHzPXxC80zfTHyK17ubKuJrCFnHcAZahg67nU8Ab2TVgVQ7JBpMBOujdbe-TunZgrUGu7G_lhlCsQQ_H1ZCZJUhVjod-w0R0Pr7MaLplD79qCwB0jPahmYFDI26-MxmFADTN7C205vrHXzRUO0WzEBxIyrijW2PLNJOd3SBvtghoDc1COsCnRX81tiFKg5z20AtQfSSPk70JijXVJHA3AnnUfZN8xGmC0_weWxkVo1dewt_CBqWCaJmy1gOTJw3BBYQIRMPsapflzqaCjXeidyf-mlvRuoLMZdfSPxFS0nl-KQFqE6-GnBw4eKelvOzy5_GnzjuvbGdlopzUiowS_uktGPJnRYeJIMKjOQgOvcdq4KscuL1SdaQPWyhmK_38yLwLL6TRSZAcC8U0HdEaetfCG-a_UCabCBU9Bv3HnJXpWmFhmRcmiT2FVFQMcgt1h0GxhqFYrTYhdm1a66VwvARDBmLaEwki_KpqK3taZOZ0UxDzfKZVuVj4q-Mm8IFkqLKNoSrrNlUbXKNS39rMCrhhUNmKMoKmQU4AdrHdz010nZ_TMaSTzIjyDC-qLg9scJ_kUCEElljutYA8zzqLbcboSy27jVH15ZO084iyGZHYYa3obbIfL9ESH0vLxa6Tx_cnjonj8M1b3jo4_82RRsLME8vGYjj6ua29ipoAifcOAhwzVoWCFSq-L6xi7f5ZpZE8Px-IyXi9DkhEbV1vjdEwZC3EmPw5WqWvCUpHBx83EXe2cRKS7wvOOX2ggxN2lualinzrMl8q23q7zZu6KTjlPQ1wG1fNkoJ_8ItUctebhFUIQ8RKt93EFfIFNCuTc4yxoH4M3BUNnFwwDCCa1jhwq2ubJrk6EzrX_Z4G74rUszJKnRNFkv-2s2eJUY_aittXjTbNjtfnqTX4xB7aVROkUR0eeiVjsUj0Qw-WHawq7Oe1yMLEP2cy_KqcCxJu5MD6WQrLC-4LQrNgrsiGTRhorGd3EXuR0GT1Qb3K5_-zQiH0FgIOVHtj_te24MyS-QTH_Ycb5YrJAmb_CKUKzyKwQNfPJwCZTsRYrr3TDN5CW583WLpOR7VUeSaeETPPHLhQDqQRB1-wXagcX239-_OB_4-xD8a2jqRCFLENzP0U1ujSNVLteUafWtsVEAezYsnPNKqkSvM9inlbOHQVBRCDTNPfeelxxXAE8ES48ea2AkR6pmWVLyh6MQBnWPo2gGJn5TyIUmRIx9xoyC0kOImzulPLstRbpqou7yE-dRI_w-YdC7DZVmg-W2hhfD1WulVEDMIUvgSsnIu9sGxaAh0vyXidBvgAJhU1WPdoT2qmt_M7nMgSg70OMi_UulILUKa4thCo2BB1n7CkubTh86ri4OrGTG8M9Z5x2KsTj-vA&cid=CAQSOwAvHhf_oTem9cluzlC-PzNNilyRKCDjh7gGZoAPjG9VYbIQJGfPTeEnwunN6MFT1VO3LgS_TPynFV9aGAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsscqNnSgWkVnwFdrCKCoDJuvft2F8iBjL5KwPRvAqwQ_l8ohDQ9DdLiRptWIz2aQNBg2GP7WiZA9031O7cirGaRFpe44xjftjcCbyw8cQ0VYddthzGY7ByT4yyavta8EDtmIoBR4iaX6YRb-KsTmzz6DnFslVaZtMQZiteLEzLMk15mDt6X3htd0DlHhWK4hUoIEcXmdJOppoVGwOHODk4xpy7se9Uu8n7b7mBd5rWfuo82VPmnfAS4SikLMKnct31FKzNbna7MPPNId5odFNE5NeWIiYX2iFrKPpYJy1i_r1CgWjDjkm5yacoHphUuDIvx20q7dJQmN0mOWJzBJTLR9KtL2WontewfOApk17OvTNS2ZS6qBS70hLcBI-0Z49Ny0y2WbJbm3wtbl3KB_H2NE2_BnA%26sai%3DAMfl-YR8vurmb5honInoZJFeY4FdlfRAQvGAiK8Amt7gjEIhMWi7XRgwwuarxdIoqj9GEfLepcWfD_KI73q3I-495C0Dx8lf1iIY7uQwdStfyREw6crmTEVaLZmUgy3tyw%26sig%3DCg0ArKJSzDEL4JjhPJuyEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=716646912007210400&adk=3944675603&idt=524&cac=0&dtd=52
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
539b156d24e729bedcd32b5ddc491d060917f4c7cd2a94eabfba793deec27153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26704
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99AA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2327234492446&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99AA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2327234492446&version=m202309260101&ct=76&x=1&cor=7926059378081780000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 99AA 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AABUTV61tl832iqjEady9Ad7ierNeTymc6eb6XAGLB3M9rN4_hi9TXPCOE6S60JJigR6EnW57qD18uwlEdla1LRn6jLl9Q4YZA9eVh4Ad_nGjC5jy9xf5j0m7BKrRjvXOmcA93RwreSpFFlo3ECzE_1dJk6bPI4TP-o-dOaq93T4WH8Ok&dbm_d=AKAmf-B2zd93pIR1f9nLGEdxrJcaWmg4SJQcC1ZrivPeMBbpkjbeZoYH07V8nXpV5GeMYPAEUXakGEt6V_rzg8jKOrLu1cXPzoxQClNy6teu3h2IPHqddY6VeHVTfFS2jTBs89QU4aFwdVVT4XLSHt2UdIbFQwzGlhGCmppLWWg_KnspnBQ7jb08Bx9cwpMMHRJ4G9vzVR6N0aTc4VaoJ-_hfl_T5YZJGzocwYS8Ca-Qbl0qxCDJ9ve-IQgMoPGj3Mrt0uKcOEl8n-B3UxNcYPsnzGqE7udnl_xRwIIUQgMAbKYcH918BsGYlaLmb7UwfCY5Nv8LejR3OjHXKxaAopPvaanXCptF1gZKKXHprs059GcwHTLEfns_bMdOrAeHFwR_WkR3v7sjthlSIFmUf_EFTapRPZLfJ3C64YJe298_Oh2w8kV39x-6YUVNAQ642qwg_GH-yKyaNm12IetOvfWLquW5Bt3D1iAPa72tm5L5c2r5Uoq7vGPh3DkgcqS_C24xe1sNTQK5iccHQcaYdfaMkYEfEpYlcLdqsd10RcRK9mtQ4jUHKpIlUcRqE-Pnd3LeyAdBpzNSaVAn25zGmbZCY2-6r7XmEUzKuJpvb3LGL3J9lDyVp29Ww1IvLSW8YJH6ZTARIuXVy9l8exgI44FyjscJjyYlp0xWnYKEBBeFmUbsskSPri9GgVefSOoiu7jFu8aT_RBhFwYQWCrhGRHrEn2rY0ye02MCvTtzK7Wr5AXhi3J3JneyZyRHxKDGpsTyClN1DL9llLYj8p7Wkld-S_1YcLilxwarx69AVpBmZ1ETWyvaapxAkZDRuOfclsj6T-kjGWoIQ-CPz-vV3NfWQ8XVExqALxr6rb5FQWcI1tGnDPjQP2nRPwXTXqh2-4hVteVmM8iubCbwTjx38WNxzLDq7Xy54rlvUh9SpoNoSLR2QDYkR3VNeR1440dRvZxguhx7X9c33N55sfBh8llidSjbIVZFVz-kFaGwSpJF2VNjEij9c6H2hRWhOZrXpIk8QhtTHOp4rlPNnj8wKiNIbNE9dEI6Nl3wvNsvDKm8byDnMYLfp24MPaUMBbNUuSQRtSSKykZ65xpNSFWcPX-_8U-JAhVJEvIrAvHhrQPaxw7_p2qpNCwnKASLoepexgWqLwFZFdJp0Ry3qDE47QSc967yj3eSJE_bsrNdKGpuJgIjpVBgaBYITE76dptFPIXxjQgrx6AiNv9P9H_KtfRJ6jv3zn03hSj1tDHhhhf5IVSB_XQ4PwcNU0yPD4JC7LzNRuoqyOOgSPOHDpRi4xNK8OcOBbCxMVx1Ooo-4FkWhFh59FSyntBnnx0u1NA0GBOWcjsYU5nYcY9GqKcvHUMjJn4bK5uqzUCczZXuy_mOSEt7TNARpa0lnpRT4v0YxIhUTY00k9fhsb1B3Brecp_PqSIoVbzKeMSbCd4DeHeSImwnXlCOa6zIbl8gcwvyS3UWU9uoFbwQJ3WYA6vBlR6BBiJ05fNopMEnxOfPfsGxX2zKZ0be2hDYo8Pso14wHkIlqppKQRJgEKNr8ePffGNopTvyUQ2mCtML5aq3UwklyRunhK9szHClNRMMrYLNjpgXyiml5pH78A1xtF_T2UvKIxysX19bXnJ2hB0_96oj7o_DmnhqbYSrGwqy7bUlq3uaRu5W4q2GtZsb1sCkQtI957xbpAMZTHdB0PTKM_N1isABlqJ6rxQiMsJRC_vItVJK0Ol4BzgmrYv9vc8eMp6jNKgwMg_zI5btdEsvsmHrQ0psigpmjQM6LoB3k4irIAwhLHlarc8b08VBWCFsu0kbpKtGgM-_bcqPwo9EJDF6FCFwq82jnvP7Ypevx4G9NyAr1wfV-Tn7GQOJ74ZSgmErynUfs9b8O8VWDx9BTdN0Wxw0cylMvg-JFRObSAf96O9TaeovdSr9MTYAVSXI3HNL4sWNm0_2lYd_0fL3w_9njNuDA3aRWc1oNZXh9GZdS0BeYTQX_5WzxFL6dS4uESg1yTQ11y1Ikl_UQM-BtA4I-CJoO8GvQPZ4MGuZfMakOpIldz21vwEamluPceC4qbeKRIv60d8kWtXp1bKXBh2tPWNmzybNAw5zuogE5kGaDJbNy-FDERDPGwkS4fqv5HgXG-NObhew2N5aATLUbGVDZ7EjZOxPC7BFAO1QLzI-vo1SaMH8CnWeDxlcjrt_xZu3zwoDywMPZx80ULrDMCQ4V2fyo9Euzmqd6qM2dyUhgQpIfM5TsdAQIBNY5BTF5iqur--kT430aDkxExO0GV4tzrSddqCjIbLoehi4zLezN-btJsyGXwQ2TxnlrOY_nfYGKYhtGfXTG5_ZHZ7Zd8YzipFMU0u5rDPPC3uR0SxYELubD1sMceVBi5oR_6ITGpMBy1Uu6VhxCA3tKmy-4wjWl10Rt-ewamGIXu7ZNeea5cVDwRYRrAaIwZjtqhwExNLo_Ip-CgcFhr9wYDmd61sTuWO_eDj7Gw6fjCp-LBYf-U_J1JAKIVjhLIogF7wxUpiOM3_SbzsC6ozQA7vmIQSxv45OoxB7mExlgUG6CF0h1XIa0IkW0OqEM8OdEYD8tzNnbG92CqIGmniwrGNT39121j23bDYurismvymFjbziVORf4xvw5vJU8VZHkyfZll8MPFF3iiSjaRmqkb8X05YovCYEKQlAU3l9oj-UwvOnXSg6e9rAHBEK-euuF6DFlh0MQx190kdEkNuQ2zXLiLn82fZY9RGGYsuiIxUSFAG6zvv2z5mnuzMrfHfb28SX22QXbCiTr29cfJxUWfNo54XroovnJoKHm2vsksHNGrEj9jvqpMhqyINrrjlo02lSQ7cM0sV_xoUS85hFTb1H7yHwJM7yITVrRETSZOytxbgiCl0r7f5FY1i_KL8H7HNnimv7atFjkOecwsQm5RCIjNsuIQawOyDSTlPODU4CCV_7Drr81pjmhDnjLMoqaQ_EP1JJyOssNNooLIZCKbXKQak__NyfzmWvb3AcZ-XDpI_9iY-WyzPde5_zW-MvLyC2NcZngfJYl6zz2EEwsB-HfIdADVYAhNnm4768hvMX2n6Rg7uo0ZebknbPE_s4ZS8kSIB38hiqBIc_62Q4f7GLuMK6JPJ3YQr_YerKpqvXq4-jyeuGRjqfD4lkfFDJ-rpfic8S33-aV1jvXAYctqz3xlnJlyylf6x5AwxfSbXwQn4HDfpMvkAZwYJ3n4Y0WnjbBtkBykI7uTjSfHAiVLyAPYr1awv8Z6NZuRzKY8DQdWHuHmGYChY3bE_XMmDbtllfrqwhd1vBhl_JQFl49v6IlqU_j4UB55teyZns547Z6RkAX8ZqhO9imXk9UaheizFzS2R9K04rBLPsqIgWtTfBkO9Q2grsELyLL6fsc1QNtF1SbsHsNGcZXylMAUI__FrthIzyHgj4aqHZ_7Dfq2oA_rcqmKN81WmGZNR4N9cZrhOtMihRBO5Nuawbf4IbwaRDShV_EilRPocaLczKlOVTG53AJHaeY367aQCAcWj-tz57Hx6ZathwlL5jTXGoH_zNgEkWNJXrYli3kUaqqCXiPaFMf03Ga_CTiXVbS0Ti0V7J4OL5eLG29kUo_ZcwGcXwbyOC-KmYk2E9ja0BvPZBlqdbEWd69kntJrzLNGzuYvN_Qo3Z5ma2OttDxY-3UfFetCsMh3Rm1iqn1c42HkzDYaPGFFOuK46Nic2b192XWgpmYV3adicGHoy0cJxs5OcV7dlj-bm3B-zpuSjM7yIcjqVVjd6R002D2CQbLAB-BH8Qr4ZR2lYaYGEGbi8y3k4D-FMCabEoQkcIiqKZb1Kwb3vUk06KKXcpagAJ3F76lmrgk2gblx976cQbRwWfzzk_Vxws59b6d-uBNHT809ILOJCRpY8Ih8jf57BShPnvcI_CGEI3MLDjBB_BfypYCYb0-M-l25QA3VshsPNANRbTJuTSlTTwWkWAllzWsrU_tWMia_xamMlnuZrgWzF6xVLnBsKg-x7wx0aboEHewKPV-ztTv84ZQ3IWtbyMg7omj4C14rPN8R6xxMLQ9YHkomEDwbDonCM7Io6ZAOCyy6tg07hBzY1qmnfDmzM-vsiydjGsEGg0wRPZ9d5JZ0GskH1dLEuo1xMhVLoAzK7SxRDQWqU7Fq8Tpp1VVsx9bGUJ8AU-OqSZ728McvDL9iASx7xLt1IYy66yfBqwzZaD-3L3iIaqZNIzRbM-0dHvyV85ZwcQjwy5gr9JpfS34wAk1R67Pb9M71mU3JdEfWF4YEFKbPzJK6OAotmMWo_ZNsNis4tg8W3J2sIqtBLHTUZg47oeUI9l7ZwSBuexf6kWGWujqHWyvpy8S7tk88mCsyzDeVhKWbD8HbB6Ru_s3g_QnoyTyfReGnUQEd1L7rBIZK5YGNC2F4C4tnNF1tCIa5euT4M_s8joAnVIhp5boSotYRtVDT_P6EUSRs_PmQrRxJQCn0FEhbdx6ihM6MjUGQLGTk5Da4q4wfgAUZrxa3b4UDc80kFJrxe9RXk0yh6c_8fS_tKjMybEtpUCtmrHTBn3Aee7HD58r2hnqLBJpjeuUacUVjnPVc70QsKcUt_siVxjugGc5FWs5R6MNii_V2gjqonccjvP98Bq_s0cuE3yJIaTmcinU2KlNiYWyc9EpTgq1AkztQISXfS4JsjVYnKT4g16b10PjbNzhhZ9-ksazjZ_rEgZx42uxd2H6ZGApkf1sa2SHa5tG0ePccJp90CB7cErXgO58Pku-YisVi4DJSfifQUtrBEGj8Z4FzSIO-EczvX3WL074O6GFY2aMBjKze9Rs1OtdBI7WxYXnQ2MgAqXrKDZNOkB1_Fw9otEHF3s4btMO_FhG508xqrSnpH6usTqIqX5Pc78fmXhXykEg0eYdNZhHePrj3VK0Kxhdy_1MBkeKG_KZpIZJQLnLte0ocIbSz8Ue36X9EYlAyd25zceycckwwiPgX1I8rfAOYMoNGUNjC_gDtM9-hM2aINajfT4MfdtBjrN8Yx2jLWORdqsyJA3qxyjf7KuGRaM50Z9v0lxMVXx0hCU0hnfmChogfUFNKA2MpLzVrtKDpvrTVRnTvDJBA646LUSEbVA2DgDfJyCtqxVFa09x18P-iv3ingfD-1B_nDlBzWoaxM44Mp85PjZs31MwFwMMaZMECsV492FW1sOU5bbN_R_KoBYYr8RAfZdtHdE1le0Ntzu1yxGh4ImDEMNjo5KbvUAiSnlW6qf2nV3K9_nIMVgm5CpeuGLkuclHZ2pc7cFchTbjaiXkKi-6lX3R9BEuxJLT0Cp03loynf2XZFidzDSquzcAR88suRoqjRq3_sQbskN0B2zB0dyXU0FmB133JQ6E6MhdY1IrcICAr_PhhcF1aJUMg3JSYz4_uVWzS27hMSjkehBMQI1p3XKaIY4jw&cid=CAQSOwAvHhf_q_3Fb95D-UT7tsfzhc8Wz2QZF6sf9P7p4B2JA0v3HOCafmidfcX2Y_-5GW6-Lv5CMAaT9bi3GAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvGhRAGAF14jS6Yec6IU04n8ybcE6WePxh6j39i5KJb_HBn344K7UkvDTIN6ESHTDAGbKDxeHNFmDIq4VssEb6tyyDGt5wriP3SnlcDA5HtpDuUNLw9oovtumgdFv2hH6jTPNN631Fl2WjNtsOTGIUY2hCu1J4t159aBvzTcSc6fM7CyA-ntgMo4ik5Te_xYIH1jxFrC-V1zIOyVvSZfCLhazHzvTmHvc3sk_GEvwv4zMkutO1yZ4aZKLjSum7mwl5vFR_SB_jcWC0doSydgOdOcs0APEG4pz26QoZvXPfRRud1nC28zp5IxVF7osEWSyGjFVCzqLvmjS-HmEXshziTLnXUN4PhN-qKOSXJz3Fv2kcsjWSJR7uSULhGDOPZrKz0KJ2Bgm5cypWWddzV-YDuylgFaQ%26sai%3DAMfl-YQ4qFNoSgPQptpI12dwlV1-V3RrDG5QMbXkKMHBFzDVqHgK4X6dKOWLzbr1HWdHia9hYYpy2YjFm86bnxiSWq_q10AfjJ9O5ZW33a_cDuWOBCB8aHA_im67SLm6kg%26sig%3DCg0ArKJSzL16vjB1LY8fEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=7926059378081780000&adk=943508964&idt=530&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5cce73e2d9e59a064bb0d8de053625f28cf06b11f80064208e1b90cf97c1112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26722
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4858 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DW_8YoVOu6tFs9dLDSUjFU60haeZ4eijnlLMLKIFqhQCl4dilKfzt3SF61HmMUsr5EJizyzPP3vN4Z6ZVKSC6L1GgN6JjVPDuT5stqtqqTOE7VJvgsZ3bVWLbxFxbpbuVvPK4TUD9e8BxD1hps0U8ZVYYDQNvcgi8pdm9jzLbbnf6-xFc&dbm_d=AKAmf-BZPmqt05w-5F3eBRecT9rpDF0WNJEda_ihRoRNpJbt9geGC5Rpgl3m3WJbGBAjdqur_wOvP1G5PHIi1HKzBbPsOnHMLXzWvitiTbIk2Kxg5cdfYwzhV3b0YJjLsYinarHI3WcuygJdxdIRsk6BYxiTFYR0UsBOB1vE9gW2LyconJfq2A6tPq5MQzD-aVPKlK1tQzmoBFkKvk5_36lAYhoMQ_yrDvfpIwIf6tbaYp2098AaJRaUdvzfS1t-4TzlAApM0fOUZqnOo_sDLnJa-uQBrZziBYb0THIg_uCUtSO7xq6acC1JP_LPC7D0Qb3t2g6NuPodWem4i4x1xRZbRGJH-qRjWY1D0dP3CfB5WwVNSHGUnIQC-x1DGOU1_pbFUIy73K9c1lVQVENAC95dgF7vofRDQ__CpENvtZe06dTr65WZTnH425gI7mb6UVPtyIUxAAzIEnjhU45j6B55nsHyfcHeoAH36fkv0cbYh1IIEY_xUUdL1zRsU51NA5c1B7hCPGwyHDOGIApqgzBSMACDUAdWUmqDePx0P9Pnslzhgh1iUPQeTfUkRxQLgqRKjL-S63wbzVQdXdcFsrRdv9U_A8yp94guV5YFEyJ9IEUtmOh1fdXhp4mzDCiPU7zeLy2wjFeE2thUe2nH0PNvpx_eVwAUK4YdKc8TIYZNftY9zemz-OlQlCw2ljia7o7AaJ_ok8nJuZqMefjoIMnrHnBX7LSZ6HQ7x0TxvplAeLV5ZIeYRRGD6yXNusRrj6Bt-BaTevFjUfY_vjjzKQQ1XZpszY_LHSL-iBuu8e8XnN5tt3bULY-FlcNJn3stpISRiPdSCPHHYZgo2aeca-AuB031VCazI1eKFWE5IjoXjL-IhYQhw2usiPGRHaiYaQwfZC1wc_hBiuF9NKcRM3-e6k-eHnewZjq-dPsAhW_OAYlVXKQ1yaMvQs9ac8kYgY1bGlSKYcDLLwvYdeGUDIwIBoxxuYkp8cTe6---2cSopCBv9zQVhYHH6tfVGL1Bt-8JFsEZRHuJg9xuTYlshfOL4cd6zJo6qFEakgkJhPk75cluJksRG4ClseT6Ls0I61aMEHVyS-uhoxiYvZlaBlRWZ9jlzbBrVIPCJUbgpp-PB8ljDpI4WLRihGC_YVIUnsK6xLgdSerjM2UCcgD_bBxZgaKxsqNDowtm_d1BjwLpbWBcXUimsc5B_43LYmhSaOEFEj3nwD0lWEbPJJYre67ofpHz3TwERgRUjfsp_24i9C8J0H-yAF3Kwv633_dvU1Trq2Ty8KVZb4q2Tb8f01KJ5ieOx3v_dTUunSLy72hTeseF46KxuQtNlSGtRiGax7C32_WVLzPuVRyVI7cNNP_g4354hVSIKE1qiLgKWfRkeDZJ3TPjsN44Tk4bGJqg8CBLQs9fBPD1zIsmvm9YJpMIKZIkzPhqkpCNlxjhqusCHAXlhhz_Y5iujFEMzjXVnnq144aU5Z0tk3P_iiliRGhTZuUd3Dc-_qtspWmYxKEKYhO4doIqXwBQPLU9s-mFnw-5PXOJZOPx74YGtg8lMLyQlCm7gMJ65Nkbnlmt6ByHg2d5yN5ewvK-ThOhhlyUg-uWmhu1_w2RWPc5s2blaGawKfmQK-Lr1ZUh1s6q7n_yRT7giY5yBsdr9x_MsnjhV20t37Xwa9s9rxqcP-wAvDKgU-QwMkoQpPGSYGcqQMaXg6CXHhv_emdpQ9stCUi07CuIPMyQVP6NcO5-xYVnLpbnGQg3ap0X6AMUEztbVeLt8X6c8ywmNsIDfvkumG74ZrzftwPC5I8kPUoUNWblPsNmVHiEkoRenSa96S1cfYSP938zSiqmtY4jiJ2qe1AYw4D8s9aYEVU3VEPKjaHos80ZravUPGVVopuD-jgczTnhXnICk18RSUcFqPh27ybPUxzv4xGB7Dh794W-xL8pVE3ezJHGtEuAXVeVwSXO4ihocgNlRPJjT0kQMhXI3Vx6c6N0xskPThY0IIMdTd0PJcl0QqBHPaBT6XvU3PKmT_gWXqz3kcwf1sN7yLkuo_QwyxO8aWMZnZrWQNU7tl6kamEWM3JbZSjkWemNZjN7Cj12DEm4k_PGgimhzCRoGK6GrRfAxEJB58knGGsR9_H5nbpb2sU5chfAAJ_yE-xKkCwyCz0IO5D12PhDrM12mImfX8-vcvpe-zG-7qgJYxsH7sCKkGIe81SKoIhSo-iyxrVs1f6yb2wN_XUvOHdnWM8FMyabvrbH8hrozNxHBLx5WUxNrvJMJYLdWiDO59nzq7gaTyG44aQ8rRth10UaiSJREbRXvZ2VaHi8NnyylcI3V2HcKRHPhgQrk3S4q01fWH-Tev9OtWg3oiONv2v0U5wyaS0lCr8kr7VxST_79criQj1oVu0kAkWS7yVrh25WM3DUO0why9aFyMKIJVEhaSrqSLf8Pj0I4nTD-JgGcIA0wrH5iub2C3m92TNCCRH6NUXffXMcjaBa-4oWFqibVAFaHOzBJjDLYWXeBCYzlzBbVFHYatej1DpGZMmuP075SkYZFs97Fu8bAy2hrkGeUqVHfbMWbPr8acsUIvBgXI8laOFVRh2j1IGayLHhYplF3g4szdQfH5o11r5zJ17uUTIbbV1ezeoOXBmEzKW9jwxcSWRw6428cf1VKBY9iuHWNnm1CjtrteDxntEudtv1JUdIBuprbmyyHLXsbdtjEFub9pLjS-UZY1wooWZRHrwDD1a_YNLprnKXvKYvgpb2ZLm4VZs03FqnKsUQrbIjqZ-qx4Xm5zuF1l2AOXmRIuj4VzB35Cvo3uW3Ut8tdfo-iRzVO5wRkE00D_gfs7p4CAFb7d_6p-A_TXpVerM1l4wyKjqQh8kU34BUdLjCxnkNxgmpRasEr0X0-rkcNiAYzKP4XydC9ebzENFGwxZxVLwJju25NMky9BYiDnTygXB3RXZ7HBfbVGpMpmdSYSds-Yd6GozGgGscv4wTfsKPtQweg80qCl_hV1zeqr3jTlT9vEuHoMKiODqInMLGTX8kM2nvXuHbpgP8u_YEH9RSwR-2Rh3gvlOK40ku-aeFLWasGrDXxk6_7BcutTfX5hwK873ycq3l9ZOXvbXKdQ4ZU9izs1wLaUAlgbguEfi9gn78VyzRnNvLHqijpc6_zXkrgKbA2H0KxPwOkz_Qa5YrXCXpTx_R1ScKQufT_g09TZ2FwcfFOIWqp75h-dekHjs8bWOHrdsDTI8xiANe5qN5pAaignxh6sTGCJYX5b-36v45MD1SDt6tUcTv1uanvfek9bYTlB_VId-i-pNYKoTDx3mAh7FyKH5OgY3Du05aTj2ahDkNyi5V3AqW-Qpk92Pblx4k-EeyAq6I8LDUXlkZwkQc44tZkF5Hh0f0yXPZTDk_BRD_YuWvLPRsP3x6sjPJRRPWKMFRHYSVrkni6pvtbnZFHakhsM1OLtrV-gbLsNrXl0721uaWgItGFYWpZ2dshxgNNh3k3_CwIpi49aW88fwsetwhQ4OjcB3s2VNpjRgUPOVOmQL0IxM0ksK-6kVbRGBaBJzBQA7B1boPbuEsw6eHPCLW-wGgBFWKmqzWkaKFK5aRlbn6snoXiarFmkbGha3JbCrBQVfztNNuuFTbj8dSCvlTdUYRHsA7DHYmaHsHpIyq3yfXr6UpwSX8E__IdYRWmsV33A23QToMvxet5qcWmUj5UevUF0JEChjHMcyAERAbv1FxPcVnjEmtKQOGz2i_rGREpWWUflr5EPFF_nNInKUnVeFxgFpoxW4G0F5h2GuTepuPgXUNPWve6yqVwr60dLg2Xx7izW4t_U48h6QKHs35n1bfk9tPhMVHlNMzidK8n9KxmOqOMlwXQn9xnb8U7tXrN1wdBlbtFBkkqCwaCwzS8a35UvmGbIxTeZfn_x4jwLuBcjO2sZZBVcijGaJHWibr3u2PmF-4tZtOZT9NX8wSvlsCjw_uGO6Juv0EmMa_FdWMVEc1kHOq39JdnF5_oi-42UOZSAdprxnfMkH-oYERQ_dg1kOS9rWHzPXxC80zfTHyK17ubKuJrCFnHcAZahg67nU8Ab2TVgVQ7JBpMBOujdbe-TunZgrUGu7G_lhlCsQQ_H1ZCZJUhVjod-w0R0Pr7MaLplD79qCwB0jPahmYFDI26-MxmFADTN7C205vrHXzRUO0WzEBxIyrijW2PLNJOd3SBvtghoDc1COsCnRX81tiFKg5z20AtQfSSPk70JijXVJHA3AnnUfZN8xGmC0_weWxkVo1dewt_CBqWCaJmy1gOTJw3BBYQIRMPsapflzqaCjXeidyf-mlvRuoLMZdfSPxFS0nl-KQFqE6-GnBw4eKelvOzy5_GnzjuvbGdlopzUiowS_uktGPJnRYeJIMKjOQgOvcdq4KscuL1SdaQPWyhmK_38yLwLL6TRSZAcC8U0HdEaetfCG-a_UCabCBU9Bv3HnJXpWmFhmRcmiT2FVFQMcgt1h0GxhqFYrTYhdm1a66VwvARDBmLaEwki_KpqK3taZOZ0UxDzfKZVuVj4q-Mm8IFkqLKNoSrrNlUbXKNS39rMCrhhUNmKMoKmQU4AdrHdz010nZ_TMaSTzIjyDC-qLg9scJ_kUCEElljutYA8zzqLbcboSy27jVH15ZO084iyGZHYYa3obbIfL9ESH0vLxa6Tx_cnjonj8M1b3jo4_82RRsLME8vGYjj6ua29ipoAifcOAhwzVoWCFSq-L6xi7f5ZpZE8Px-IyXi9DkhEbV1vjdEwZC3EmPw5WqWvCUpHBx83EXe2cRKS7wvOOX2ggxN2lualinzrMl8q23q7zZu6KTjlPQ1wG1fNkoJ_8ItUctebhFUIQ8RKt93EFfIFNCuTc4yxoH4M3BUNnFwwDCCa1jhwq2ubJrk6EzrX_Z4G74rUszJKnRNFkv-2s2eJUY_aittXjTbNjtfnqTX4xB7aVROkUR0eeiVjsUj0Qw-WHawq7Oe1yMLEP2cy_KqcCxJu5MD6WQrLC-4LQrNgrsiGTRhorGd3EXuR0GT1Qb3K5_-zQiH0FgIOVHtj_te24MyS-QTH_Ycb5YrJAmb_CKUKzyKwQNfPJwCZTsRYrr3TDN5CW583WLpOR7VUeSaeETPPHLhQDqQRB1-wXagcX239-_OB_4-xD8a2jqRCFLENzP0U1ujSNVLteUafWtsVEAezYsnPNKqkSvM9inlbOHQVBRCDTNPfeelxxXAE8ES48ea2AkR6pmWVLyh6MQBnWPo2gGJn5TyIUmRIx9xoyC0kOImzulPLstRbpqou7yE-dRI_w-YdC7DZVmg-W2hhfD1WulVEDMIUvgSsnIu9sGxaAh0vyXidBvgAJhU1WPdoT2qmt_M7nMgSg70OMi_UulILUKa4thCo2BB1n7CkubTh86ri4OrGTG8M9Z5x2KsTj-vA&cid=CAQSOwAvHhf_oTem9cluzlC-PzNNilyRKCDjh7gGZoAPjG9VYbIQJGfPTeEnwunN6MFT1VO3LgS_TPynFV9aGAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsscqNnSgWkVnwFdrCKCoDJuvft2F8iBjL5KwPRvAqwQ_l8ohDQ9DdLiRptWIz2aQNBg2GP7WiZA9031O7cirGaRFpe44xjftjcCbyw8cQ0VYddthzGY7ByT4yyavta8EDtmIoBR4iaX6YRb-KsTmzz6DnFslVaZtMQZiteLEzLMk15mDt6X3htd0DlHhWK4hUoIEcXmdJOppoVGwOHODk4xpy7se9Uu8n7b7mBd5rWfuo82VPmnfAS4SikLMKnct31FKzNbna7MPPNId5odFNE5NeWIiYX2iFrKPpYJy1i_r1CgWjDjkm5yacoHphUuDIvx20q7dJQmN0mOWJzBJTLR9KtL2WontewfOApk17OvTNS2ZS6qBS70hLcBI-0Z49Ny0y2WbJbm3wtbl3KB_H2NE2_BnA%26sai%3DAMfl-YR8vurmb5honInoZJFeY4FdlfRAQvGAiK8Amt7gjEIhMWi7XRgwwuarxdIoqj9GEfLepcWfD_KI73q3I-495C0Dx8lf1iIY7uQwdStfyREw6crmTEVaLZmUgy3tyw%26sig%3DCg0ArKJSzDEL4JjhPJuyEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=716646912007210400&adk=3944675603&idt=524&cac=0&dtd=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 23:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 23:42:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 4858 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DW_8YoVOu6tFs9dLDSUjFU60haeZ4eijnlLMLKIFqhQCl4dilKfzt3SF61HmMUsr5EJizyzPP3vN4Z6ZVKSC6L1GgN6JjVPDuT5stqtqqTOE7VJvgsZ3bVWLbxFxbpbuVvPK4TUD9e8BxD1hps0U8ZVYYDQNvcgi8pdm9jzLbbnf6-xFc&dbm_d=AKAmf-BZPmqt05w-5F3eBRecT9rpDF0WNJEda_ihRoRNpJbt9geGC5Rpgl3m3WJbGBAjdqur_wOvP1G5PHIi1HKzBbPsOnHMLXzWvitiTbIk2Kxg5cdfYwzhV3b0YJjLsYinarHI3WcuygJdxdIRsk6BYxiTFYR0UsBOB1vE9gW2LyconJfq2A6tPq5MQzD-aVPKlK1tQzmoBFkKvk5_36lAYhoMQ_yrDvfpIwIf6tbaYp2098AaJRaUdvzfS1t-4TzlAApM0fOUZqnOo_sDLnJa-uQBrZziBYb0THIg_uCUtSO7xq6acC1JP_LPC7D0Qb3t2g6NuPodWem4i4x1xRZbRGJH-qRjWY1D0dP3CfB5WwVNSHGUnIQC-x1DGOU1_pbFUIy73K9c1lVQVENAC95dgF7vofRDQ__CpENvtZe06dTr65WZTnH425gI7mb6UVPtyIUxAAzIEnjhU45j6B55nsHyfcHeoAH36fkv0cbYh1IIEY_xUUdL1zRsU51NA5c1B7hCPGwyHDOGIApqgzBSMACDUAdWUmqDePx0P9Pnslzhgh1iUPQeTfUkRxQLgqRKjL-S63wbzVQdXdcFsrRdv9U_A8yp94guV5YFEyJ9IEUtmOh1fdXhp4mzDCiPU7zeLy2wjFeE2thUe2nH0PNvpx_eVwAUK4YdKc8TIYZNftY9zemz-OlQlCw2ljia7o7AaJ_ok8nJuZqMefjoIMnrHnBX7LSZ6HQ7x0TxvplAeLV5ZIeYRRGD6yXNusRrj6Bt-BaTevFjUfY_vjjzKQQ1XZpszY_LHSL-iBuu8e8XnN5tt3bULY-FlcNJn3stpISRiPdSCPHHYZgo2aeca-AuB031VCazI1eKFWE5IjoXjL-IhYQhw2usiPGRHaiYaQwfZC1wc_hBiuF9NKcRM3-e6k-eHnewZjq-dPsAhW_OAYlVXKQ1yaMvQs9ac8kYgY1bGlSKYcDLLwvYdeGUDIwIBoxxuYkp8cTe6---2cSopCBv9zQVhYHH6tfVGL1Bt-8JFsEZRHuJg9xuTYlshfOL4cd6zJo6qFEakgkJhPk75cluJksRG4ClseT6Ls0I61aMEHVyS-uhoxiYvZlaBlRWZ9jlzbBrVIPCJUbgpp-PB8ljDpI4WLRihGC_YVIUnsK6xLgdSerjM2UCcgD_bBxZgaKxsqNDowtm_d1BjwLpbWBcXUimsc5B_43LYmhSaOEFEj3nwD0lWEbPJJYre67ofpHz3TwERgRUjfsp_24i9C8J0H-yAF3Kwv633_dvU1Trq2Ty8KVZb4q2Tb8f01KJ5ieOx3v_dTUunSLy72hTeseF46KxuQtNlSGtRiGax7C32_WVLzPuVRyVI7cNNP_g4354hVSIKE1qiLgKWfRkeDZJ3TPjsN44Tk4bGJqg8CBLQs9fBPD1zIsmvm9YJpMIKZIkzPhqkpCNlxjhqusCHAXlhhz_Y5iujFEMzjXVnnq144aU5Z0tk3P_iiliRGhTZuUd3Dc-_qtspWmYxKEKYhO4doIqXwBQPLU9s-mFnw-5PXOJZOPx74YGtg8lMLyQlCm7gMJ65Nkbnlmt6ByHg2d5yN5ewvK-ThOhhlyUg-uWmhu1_w2RWPc5s2blaGawKfmQK-Lr1ZUh1s6q7n_yRT7giY5yBsdr9x_MsnjhV20t37Xwa9s9rxqcP-wAvDKgU-QwMkoQpPGSYGcqQMaXg6CXHhv_emdpQ9stCUi07CuIPMyQVP6NcO5-xYVnLpbnGQg3ap0X6AMUEztbVeLt8X6c8ywmNsIDfvkumG74ZrzftwPC5I8kPUoUNWblPsNmVHiEkoRenSa96S1cfYSP938zSiqmtY4jiJ2qe1AYw4D8s9aYEVU3VEPKjaHos80ZravUPGVVopuD-jgczTnhXnICk18RSUcFqPh27ybPUxzv4xGB7Dh794W-xL8pVE3ezJHGtEuAXVeVwSXO4ihocgNlRPJjT0kQMhXI3Vx6c6N0xskPThY0IIMdTd0PJcl0QqBHPaBT6XvU3PKmT_gWXqz3kcwf1sN7yLkuo_QwyxO8aWMZnZrWQNU7tl6kamEWM3JbZSjkWemNZjN7Cj12DEm4k_PGgimhzCRoGK6GrRfAxEJB58knGGsR9_H5nbpb2sU5chfAAJ_yE-xKkCwyCz0IO5D12PhDrM12mImfX8-vcvpe-zG-7qgJYxsH7sCKkGIe81SKoIhSo-iyxrVs1f6yb2wN_XUvOHdnWM8FMyabvrbH8hrozNxHBLx5WUxNrvJMJYLdWiDO59nzq7gaTyG44aQ8rRth10UaiSJREbRXvZ2VaHi8NnyylcI3V2HcKRHPhgQrk3S4q01fWH-Tev9OtWg3oiONv2v0U5wyaS0lCr8kr7VxST_79criQj1oVu0kAkWS7yVrh25WM3DUO0why9aFyMKIJVEhaSrqSLf8Pj0I4nTD-JgGcIA0wrH5iub2C3m92TNCCRH6NUXffXMcjaBa-4oWFqibVAFaHOzBJjDLYWXeBCYzlzBbVFHYatej1DpGZMmuP075SkYZFs97Fu8bAy2hrkGeUqVHfbMWbPr8acsUIvBgXI8laOFVRh2j1IGayLHhYplF3g4szdQfH5o11r5zJ17uUTIbbV1ezeoOXBmEzKW9jwxcSWRw6428cf1VKBY9iuHWNnm1CjtrteDxntEudtv1JUdIBuprbmyyHLXsbdtjEFub9pLjS-UZY1wooWZRHrwDD1a_YNLprnKXvKYvgpb2ZLm4VZs03FqnKsUQrbIjqZ-qx4Xm5zuF1l2AOXmRIuj4VzB35Cvo3uW3Ut8tdfo-iRzVO5wRkE00D_gfs7p4CAFb7d_6p-A_TXpVerM1l4wyKjqQh8kU34BUdLjCxnkNxgmpRasEr0X0-rkcNiAYzKP4XydC9ebzENFGwxZxVLwJju25NMky9BYiDnTygXB3RXZ7HBfbVGpMpmdSYSds-Yd6GozGgGscv4wTfsKPtQweg80qCl_hV1zeqr3jTlT9vEuHoMKiODqInMLGTX8kM2nvXuHbpgP8u_YEH9RSwR-2Rh3gvlOK40ku-aeFLWasGrDXxk6_7BcutTfX5hwK873ycq3l9ZOXvbXKdQ4ZU9izs1wLaUAlgbguEfi9gn78VyzRnNvLHqijpc6_zXkrgKbA2H0KxPwOkz_Qa5YrXCXpTx_R1ScKQufT_g09TZ2FwcfFOIWqp75h-dekHjs8bWOHrdsDTI8xiANe5qN5pAaignxh6sTGCJYX5b-36v45MD1SDt6tUcTv1uanvfek9bYTlB_VId-i-pNYKoTDx3mAh7FyKH5OgY3Du05aTj2ahDkNyi5V3AqW-Qpk92Pblx4k-EeyAq6I8LDUXlkZwkQc44tZkF5Hh0f0yXPZTDk_BRD_YuWvLPRsP3x6sjPJRRPWKMFRHYSVrkni6pvtbnZFHakhsM1OLtrV-gbLsNrXl0721uaWgItGFYWpZ2dshxgNNh3k3_CwIpi49aW88fwsetwhQ4OjcB3s2VNpjRgUPOVOmQL0IxM0ksK-6kVbRGBaBJzBQA7B1boPbuEsw6eHPCLW-wGgBFWKmqzWkaKFK5aRlbn6snoXiarFmkbGha3JbCrBQVfztNNuuFTbj8dSCvlTdUYRHsA7DHYmaHsHpIyq3yfXr6UpwSX8E__IdYRWmsV33A23QToMvxet5qcWmUj5UevUF0JEChjHMcyAERAbv1FxPcVnjEmtKQOGz2i_rGREpWWUflr5EPFF_nNInKUnVeFxgFpoxW4G0F5h2GuTepuPgXUNPWve6yqVwr60dLg2Xx7izW4t_U48h6QKHs35n1bfk9tPhMVHlNMzidK8n9KxmOqOMlwXQn9xnb8U7tXrN1wdBlbtFBkkqCwaCwzS8a35UvmGbIxTeZfn_x4jwLuBcjO2sZZBVcijGaJHWibr3u2PmF-4tZtOZT9NX8wSvlsCjw_uGO6Juv0EmMa_FdWMVEc1kHOq39JdnF5_oi-42UOZSAdprxnfMkH-oYERQ_dg1kOS9rWHzPXxC80zfTHyK17ubKuJrCFnHcAZahg67nU8Ab2TVgVQ7JBpMBOujdbe-TunZgrUGu7G_lhlCsQQ_H1ZCZJUhVjod-w0R0Pr7MaLplD79qCwB0jPahmYFDI26-MxmFADTN7C205vrHXzRUO0WzEBxIyrijW2PLNJOd3SBvtghoDc1COsCnRX81tiFKg5z20AtQfSSPk70JijXVJHA3AnnUfZN8xGmC0_weWxkVo1dewt_CBqWCaJmy1gOTJw3BBYQIRMPsapflzqaCjXeidyf-mlvRuoLMZdfSPxFS0nl-KQFqE6-GnBw4eKelvOzy5_GnzjuvbGdlopzUiowS_uktGPJnRYeJIMKjOQgOvcdq4KscuL1SdaQPWyhmK_38yLwLL6TRSZAcC8U0HdEaetfCG-a_UCabCBU9Bv3HnJXpWmFhmRcmiT2FVFQMcgt1h0GxhqFYrTYhdm1a66VwvARDBmLaEwki_KpqK3taZOZ0UxDzfKZVuVj4q-Mm8IFkqLKNoSrrNlUbXKNS39rMCrhhUNmKMoKmQU4AdrHdz010nZ_TMaSTzIjyDC-qLg9scJ_kUCEElljutYA8zzqLbcboSy27jVH15ZO084iyGZHYYa3obbIfL9ESH0vLxa6Tx_cnjonj8M1b3jo4_82RRsLME8vGYjj6ua29ipoAifcOAhwzVoWCFSq-L6xi7f5ZpZE8Px-IyXi9DkhEbV1vjdEwZC3EmPw5WqWvCUpHBx83EXe2cRKS7wvOOX2ggxN2lualinzrMl8q23q7zZu6KTjlPQ1wG1fNkoJ_8ItUctebhFUIQ8RKt93EFfIFNCuTc4yxoH4M3BUNnFwwDCCa1jhwq2ubJrk6EzrX_Z4G74rUszJKnRNFkv-2s2eJUY_aittXjTbNjtfnqTX4xB7aVROkUR0eeiVjsUj0Qw-WHawq7Oe1yMLEP2cy_KqcCxJu5MD6WQrLC-4LQrNgrsiGTRhorGd3EXuR0GT1Qb3K5_-zQiH0FgIOVHtj_te24MyS-QTH_Ycb5YrJAmb_CKUKzyKwQNfPJwCZTsRYrr3TDN5CW583WLpOR7VUeSaeETPPHLhQDqQRB1-wXagcX239-_OB_4-xD8a2jqRCFLENzP0U1ujSNVLteUafWtsVEAezYsnPNKqkSvM9inlbOHQVBRCDTNPfeelxxXAE8ES48ea2AkR6pmWVLyh6MQBnWPo2gGJn5TyIUmRIx9xoyC0kOImzulPLstRbpqou7yE-dRI_w-YdC7DZVmg-W2hhfD1WulVEDMIUvgSsnIu9sGxaAh0vyXidBvgAJhU1WPdoT2qmt_M7nMgSg70OMi_UulILUKa4thCo2BB1n7CkubTh86ri4OrGTG8M9Z5x2KsTj-vA&cid=CAQSOwAvHhf_oTem9cluzlC-PzNNilyRKCDjh7gGZoAPjG9VYbIQJGfPTeEnwunN6MFT1VO3LgS_TPynFV9aGAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsscqNnSgWkVnwFdrCKCoDJuvft2F8iBjL5KwPRvAqwQ_l8ohDQ9DdLiRptWIz2aQNBg2GP7WiZA9031O7cirGaRFpe44xjftjcCbyw8cQ0VYddthzGY7ByT4yyavta8EDtmIoBR4iaX6YRb-KsTmzz6DnFslVaZtMQZiteLEzLMk15mDt6X3htd0DlHhWK4hUoIEcXmdJOppoVGwOHODk4xpy7se9Uu8n7b7mBd5rWfuo82VPmnfAS4SikLMKnct31FKzNbna7MPPNId5odFNE5NeWIiYX2iFrKPpYJy1i_r1CgWjDjkm5yacoHphUuDIvx20q7dJQmN0mOWJzBJTLR9KtL2WontewfOApk17OvTNS2ZS6qBS70hLcBI-0Z49Ny0y2WbJbm3wtbl3KB_H2NE2_BnA%26sai%3DAMfl-YR8vurmb5honInoZJFeY4FdlfRAQvGAiK8Amt7gjEIhMWi7XRgwwuarxdIoqj9GEfLepcWfD_KI73q3I-495C0Dx8lf1iIY7uQwdStfyREw6crmTEVaLZmUgy3tyw%26sig%3DCg0ArKJSzDEL4JjhPJuyEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=716646912007210400&adk=3944675603&idt=524&cac=0&dtd=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 14:54:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 14:54:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4858 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyfkDFUtdhR4TRFzaXmKgxz4zBs2lVci-bOPBLm505k4RaRX9InUbIFctwe23RZ2-qBzgp9wRIJFswoTuw4Cg6lTaZcIGj6bSUMD8a-QeNRB0VIXj-TOnNJI3BGb2ifKxd8MYM0WKc9JoTWQRX8pS2Rn_jpD09KDd3tDWwuKIw-LDCHX1vAvcLX7Yohl97vCthngEU0jT_4Uafpa15KU0CQne76mUlFxFU6xoyu4GJk5dW16ZtDiCQRBVpYh7S4i3Subr7kokfImKRIV1JoO5XZCzK-b2UH6oVEaSNf1etG_bU_7X3QHVMGSms4a0QVoCzdc4IfKfE9r9sDtLrVpOlnzfZ2bOHn_0WgnEYA39AbUGQqwTB8FqX3xAG6Hk-jL5Nl4rOc5N9U9KFy5dkEli-nf4uUGFKNTv8ZxOWtVQ-tQ8mzSmnu-3EOn4GdyJYeovR0M9dqBNSsGynil9RPocPIYtQXju_ygvTWIeJSo9By5-ZYwDjfLyiDM_6x-7axPDkpeSnX59TWFQMncWTS1xQ1gyOauqlvhoWR5VD0FFHL2SMOMSRoiTHCEpticgtbq9iJyPxMs7Oi3B4T93BfoddD4mKvMArPJjUSWG7sYuOtCahWUFn4_ZPySaMQouyuAOncvP_TzUN0pQx49vTz3lj_SPxZAs8i0lc8DcydEqPNJWPT83vVEBtNu8Q2LbHiPoeSvPiyEqdQiSZToG2gMcyYbvNCIYUdx0GScJwmaR05ziHaooAhfQjQtLmIRnvhTtLX97qPA9Ct5CKXBRK-cF6sTn3mCIHnGMnGKIR09nrZRomnlARaQ8ZR7gc1TTBSxEtIxTCYF-27EktN99X4afqCEg1sadaGtH63lUHyGdwTLsZv652-7-LaVQ63j754nsFW8ni7jQvZyrj6ao3gvo10CRGrDBrWrelOdFFXI2JSnt3EukMrM1d16WqBCyDw1ekkOCDoiQO3eTYOHDpIdWcyvTfKLYxeh70hWSY_EUaR9LC6L2cuuj4j9GnZgDERCPLME3d7sV66bVInpgkvkxkj59-Rx08XPc7lyXaoaCnN0j9eNBAzhHLjGTJL-T6mngtBDXOBWieA1rJP5Fp9vxgbMT3c0VbDi1H2N9hA1VHH7OUjo10JZFPNLjfDiCtNERcmnDELBjz5CkEKHB_JaX_Lzpku3n3mhNZ7I9x6WvdQE-y-S88xXAon4TpVxckQlbx1nbajWsmqs4pWwQQ7KY9MkbXVfOSXGpHaCaf0WRqN-suxEU8YDB49D2AIfsrf0Z-nHqMQs2sauN93qYhZMJUEZ6xjjbGu9bndnIU75vTflhoMCIesjSNYRHevTv6RL25UwzOsBRxpBFEGg53_ZY6iq795b8kG6ISqgRFjt1yJwUXVTQJRI9-tkg5eq06TvJXIgt1yQgbu9XnPfXtxGFWrESJppHWqHrXwpF76AUS48dEunsc307eKLoQVs3LTxNRBXsGhUj_AwpaG_9EeC9ooaH_e5AvLKGnOpc1klijgSMvanryfOPUtApcbnAo9PsgpACG3DM0Y-tYfZCx11IWoYwy3voGvkkztshBP5BKN3hXedAXLsXEy8WKQpOapfHZvWFPbnAXJcvzhRHr0Icga7gSa1k-3Wqy5L2kML4w4zmDM3IVbL7kHBgjIxD6LA3Y73xAMa9nBqFK2EtfTdBFQi-EV9w-IdBgfbPS2O21wTqwP1uHKyPtnReLH2ucSDVmIOhPMT8dSUHlpHk59ansAG_2AjbQ6F-vWee1D5pkMGMeDIPvyJxjBA4VPnXdOjiVfW7cDSC2QfrR7Umn2iuULo71&sai=AMfl-YRMayKaRu6O5KoGLDeRJAePLmYj_aSsToJrYKkQ05Gp-bTjEoFmmJ1BWjhepxvnCJiT-wCHjYvWKlz4GPCVns9skW9Va9Sr04lhvQcTXaNV22-xy4XzEuiEKjqkCyjf3EXR3ApA75Qy2zpESvZZyMyYk074B3MZeHELQVo-yalAR5o9QkpvPtWQyMLtNrQtQG5Arfez5RsWzjNeEIdQyG2IaJvQarfZJGucrP0teaCE5GhMaWxeio-cqRxJShxGg3tma5HCZkSVvj5R9YD3JrOjq4fUdmnVLYZh7jOJRGULZitXEXSJRv-NHuua-14Ao6-U3Zoe9357waCrn64g7ckF6gz2auZpuboL7n5IsqedJcvwaj2gfOIV3RZS-mQn9XWTzP2LRspIQv6c05cABpBUb6cBoohwOe1CUQ&sig=Cg0ArKJSzETgTVgaqZj6EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.03631&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DW_8YoVOu6tFs9dLDSUjFU60haeZ4eijnlLMLKIFqhQCl4dilKfzt3SF61HmMUsr5EJizyzPP3vN4Z6ZVKSC6L1GgN6JjVPDuT5stqtqqTOE7VJvgsZ3bVWLbxFxbpbuVvPK4TUD9e8BxD1hps0U8ZVYYDQNvcgi8pdm9jzLbbnf6-xFc&dbm_d=AKAmf-BZPmqt05w-5F3eBRecT9rpDF0WNJEda_ihRoRNpJbt9geGC5Rpgl3m3WJbGBAjdqur_wOvP1G5PHIi1HKzBbPsOnHMLXzWvitiTbIk2Kxg5cdfYwzhV3b0YJjLsYinarHI3WcuygJdxdIRsk6BYxiTFYR0UsBOB1vE9gW2LyconJfq2A6tPq5MQzD-aVPKlK1tQzmoBFkKvk5_36lAYhoMQ_yrDvfpIwIf6tbaYp2098AaJRaUdvzfS1t-4TzlAApM0fOUZqnOo_sDLnJa-uQBrZziBYb0THIg_uCUtSO7xq6acC1JP_LPC7D0Qb3t2g6NuPodWem4i4x1xRZbRGJH-qRjWY1D0dP3CfB5WwVNSHGUnIQC-x1DGOU1_pbFUIy73K9c1lVQVENAC95dgF7vofRDQ__CpENvtZe06dTr65WZTnH425gI7mb6UVPtyIUxAAzIEnjhU45j6B55nsHyfcHeoAH36fkv0cbYh1IIEY_xUUdL1zRsU51NA5c1B7hCPGwyHDOGIApqgzBSMACDUAdWUmqDePx0P9Pnslzhgh1iUPQeTfUkRxQLgqRKjL-S63wbzVQdXdcFsrRdv9U_A8yp94guV5YFEyJ9IEUtmOh1fdXhp4mzDCiPU7zeLy2wjFeE2thUe2nH0PNvpx_eVwAUK4YdKc8TIYZNftY9zemz-OlQlCw2ljia7o7AaJ_ok8nJuZqMefjoIMnrHnBX7LSZ6HQ7x0TxvplAeLV5ZIeYRRGD6yXNusRrj6Bt-BaTevFjUfY_vjjzKQQ1XZpszY_LHSL-iBuu8e8XnN5tt3bULY-FlcNJn3stpISRiPdSCPHHYZgo2aeca-AuB031VCazI1eKFWE5IjoXjL-IhYQhw2usiPGRHaiYaQwfZC1wc_hBiuF9NKcRM3-e6k-eHnewZjq-dPsAhW_OAYlVXKQ1yaMvQs9ac8kYgY1bGlSKYcDLLwvYdeGUDIwIBoxxuYkp8cTe6---2cSopCBv9zQVhYHH6tfVGL1Bt-8JFsEZRHuJg9xuTYlshfOL4cd6zJo6qFEakgkJhPk75cluJksRG4ClseT6Ls0I61aMEHVyS-uhoxiYvZlaBlRWZ9jlzbBrVIPCJUbgpp-PB8ljDpI4WLRihGC_YVIUnsK6xLgdSerjM2UCcgD_bBxZgaKxsqNDowtm_d1BjwLpbWBcXUimsc5B_43LYmhSaOEFEj3nwD0lWEbPJJYre67ofpHz3TwERgRUjfsp_24i9C8J0H-yAF3Kwv633_dvU1Trq2Ty8KVZb4q2Tb8f01KJ5ieOx3v_dTUunSLy72hTeseF46KxuQtNlSGtRiGax7C32_WVLzPuVRyVI7cNNP_g4354hVSIKE1qiLgKWfRkeDZJ3TPjsN44Tk4bGJqg8CBLQs9fBPD1zIsmvm9YJpMIKZIkzPhqkpCNlxjhqusCHAXlhhz_Y5iujFEMzjXVnnq144aU5Z0tk3P_iiliRGhTZuUd3Dc-_qtspWmYxKEKYhO4doIqXwBQPLU9s-mFnw-5PXOJZOPx74YGtg8lMLyQlCm7gMJ65Nkbnlmt6ByHg2d5yN5ewvK-ThOhhlyUg-uWmhu1_w2RWPc5s2blaGawKfmQK-Lr1ZUh1s6q7n_yRT7giY5yBsdr9x_MsnjhV20t37Xwa9s9rxqcP-wAvDKgU-QwMkoQpPGSYGcqQMaXg6CXHhv_emdpQ9stCUi07CuIPMyQVP6NcO5-xYVnLpbnGQg3ap0X6AMUEztbVeLt8X6c8ywmNsIDfvkumG74ZrzftwPC5I8kPUoUNWblPsNmVHiEkoRenSa96S1cfYSP938zSiqmtY4jiJ2qe1AYw4D8s9aYEVU3VEPKjaHos80ZravUPGVVopuD-jgczTnhXnICk18RSUcFqPh27ybPUxzv4xGB7Dh794W-xL8pVE3ezJHGtEuAXVeVwSXO4ihocgNlRPJjT0kQMhXI3Vx6c6N0xskPThY0IIMdTd0PJcl0QqBHPaBT6XvU3PKmT_gWXqz3kcwf1sN7yLkuo_QwyxO8aWMZnZrWQNU7tl6kamEWM3JbZSjkWemNZjN7Cj12DEm4k_PGgimhzCRoGK6GrRfAxEJB58knGGsR9_H5nbpb2sU5chfAAJ_yE-xKkCwyCz0IO5D12PhDrM12mImfX8-vcvpe-zG-7qgJYxsH7sCKkGIe81SKoIhSo-iyxrVs1f6yb2wN_XUvOHdnWM8FMyabvrbH8hrozNxHBLx5WUxNrvJMJYLdWiDO59nzq7gaTyG44aQ8rRth10UaiSJREbRXvZ2VaHi8NnyylcI3V2HcKRHPhgQrk3S4q01fWH-Tev9OtWg3oiONv2v0U5wyaS0lCr8kr7VxST_79criQj1oVu0kAkWS7yVrh25WM3DUO0why9aFyMKIJVEhaSrqSLf8Pj0I4nTD-JgGcIA0wrH5iub2C3m92TNCCRH6NUXffXMcjaBa-4oWFqibVAFaHOzBJjDLYWXeBCYzlzBbVFHYatej1DpGZMmuP075SkYZFs97Fu8bAy2hrkGeUqVHfbMWbPr8acsUIvBgXI8laOFVRh2j1IGayLHhYplF3g4szdQfH5o11r5zJ17uUTIbbV1ezeoOXBmEzKW9jwxcSWRw6428cf1VKBY9iuHWNnm1CjtrteDxntEudtv1JUdIBuprbmyyHLXsbdtjEFub9pLjS-UZY1wooWZRHrwDD1a_YNLprnKXvKYvgpb2ZLm4VZs03FqnKsUQrbIjqZ-qx4Xm5zuF1l2AOXmRIuj4VzB35Cvo3uW3Ut8tdfo-iRzVO5wRkE00D_gfs7p4CAFb7d_6p-A_TXpVerM1l4wyKjqQh8kU34BUdLjCxnkNxgmpRasEr0X0-rkcNiAYzKP4XydC9ebzENFGwxZxVLwJju25NMky9BYiDnTygXB3RXZ7HBfbVGpMpmdSYSds-Yd6GozGgGscv4wTfsKPtQweg80qCl_hV1zeqr3jTlT9vEuHoMKiODqInMLGTX8kM2nvXuHbpgP8u_YEH9RSwR-2Rh3gvlOK40ku-aeFLWasGrDXxk6_7BcutTfX5hwK873ycq3l9ZOXvbXKdQ4ZU9izs1wLaUAlgbguEfi9gn78VyzRnNvLHqijpc6_zXkrgKbA2H0KxPwOkz_Qa5YrXCXpTx_R1ScKQufT_g09TZ2FwcfFOIWqp75h-dekHjs8bWOHrdsDTI8xiANe5qN5pAaignxh6sTGCJYX5b-36v45MD1SDt6tUcTv1uanvfek9bYTlB_VId-i-pNYKoTDx3mAh7FyKH5OgY3Du05aTj2ahDkNyi5V3AqW-Qpk92Pblx4k-EeyAq6I8LDUXlkZwkQc44tZkF5Hh0f0yXPZTDk_BRD_YuWvLPRsP3x6sjPJRRPWKMFRHYSVrkni6pvtbnZFHakhsM1OLtrV-gbLsNrXl0721uaWgItGFYWpZ2dshxgNNh3k3_CwIpi49aW88fwsetwhQ4OjcB3s2VNpjRgUPOVOmQL0IxM0ksK-6kVbRGBaBJzBQA7B1boPbuEsw6eHPCLW-wGgBFWKmqzWkaKFK5aRlbn6snoXiarFmkbGha3JbCrBQVfztNNuuFTbj8dSCvlTdUYRHsA7DHYmaHsHpIyq3yfXr6UpwSX8E__IdYRWmsV33A23QToMvxet5qcWmUj5UevUF0JEChjHMcyAERAbv1FxPcVnjEmtKQOGz2i_rGREpWWUflr5EPFF_nNInKUnVeFxgFpoxW4G0F5h2GuTepuPgXUNPWve6yqVwr60dLg2Xx7izW4t_U48h6QKHs35n1bfk9tPhMVHlNMzidK8n9KxmOqOMlwXQn9xnb8U7tXrN1wdBlbtFBkkqCwaCwzS8a35UvmGbIxTeZfn_x4jwLuBcjO2sZZBVcijGaJHWibr3u2PmF-4tZtOZT9NX8wSvlsCjw_uGO6Juv0EmMa_FdWMVEc1kHOq39JdnF5_oi-42UOZSAdprxnfMkH-oYERQ_dg1kOS9rWHzPXxC80zfTHyK17ubKuJrCFnHcAZahg67nU8Ab2TVgVQ7JBpMBOujdbe-TunZgrUGu7G_lhlCsQQ_H1ZCZJUhVjod-w0R0Pr7MaLplD79qCwB0jPahmYFDI26-MxmFADTN7C205vrHXzRUO0WzEBxIyrijW2PLNJOd3SBvtghoDc1COsCnRX81tiFKg5z20AtQfSSPk70JijXVJHA3AnnUfZN8xGmC0_weWxkVo1dewt_CBqWCaJmy1gOTJw3BBYQIRMPsapflzqaCjXeidyf-mlvRuoLMZdfSPxFS0nl-KQFqE6-GnBw4eKelvOzy5_GnzjuvbGdlopzUiowS_uktGPJnRYeJIMKjOQgOvcdq4KscuL1SdaQPWyhmK_38yLwLL6TRSZAcC8U0HdEaetfCG-a_UCabCBU9Bv3HnJXpWmFhmRcmiT2FVFQMcgt1h0GxhqFYrTYhdm1a66VwvARDBmLaEwki_KpqK3taZOZ0UxDzfKZVuVj4q-Mm8IFkqLKNoSrrNlUbXKNS39rMCrhhUNmKMoKmQU4AdrHdz010nZ_TMaSTzIjyDC-qLg9scJ_kUCEElljutYA8zzqLbcboSy27jVH15ZO084iyGZHYYa3obbIfL9ESH0vLxa6Tx_cnjonj8M1b3jo4_82RRsLME8vGYjj6ua29ipoAifcOAhwzVoWCFSq-L6xi7f5ZpZE8Px-IyXi9DkhEbV1vjdEwZC3EmPw5WqWvCUpHBx83EXe2cRKS7wvOOX2ggxN2lualinzrMl8q23q7zZu6KTjlPQ1wG1fNkoJ_8ItUctebhFUIQ8RKt93EFfIFNCuTc4yxoH4M3BUNnFwwDCCa1jhwq2ubJrk6EzrX_Z4G74rUszJKnRNFkv-2s2eJUY_aittXjTbNjtfnqTX4xB7aVROkUR0eeiVjsUj0Qw-WHawq7Oe1yMLEP2cy_KqcCxJu5MD6WQrLC-4LQrNgrsiGTRhorGd3EXuR0GT1Qb3K5_-zQiH0FgIOVHtj_te24MyS-QTH_Ycb5YrJAmb_CKUKzyKwQNfPJwCZTsRYrr3TDN5CW583WLpOR7VUeSaeETPPHLhQDqQRB1-wXagcX239-_OB_4-xD8a2jqRCFLENzP0U1ujSNVLteUafWtsVEAezYsnPNKqkSvM9inlbOHQVBRCDTNPfeelxxXAE8ES48ea2AkR6pmWVLyh6MQBnWPo2gGJn5TyIUmRIx9xoyC0kOImzulPLstRbpqou7yE-dRI_w-YdC7DZVmg-W2hhfD1WulVEDMIUvgSsnIu9sGxaAh0vyXidBvgAJhU1WPdoT2qmt_M7nMgSg70OMi_UulILUKa4thCo2BB1n7CkubTh86ri4OrGTG8M9Z5x2KsTj-vA&cid=CAQSOwAvHhf_oTem9cluzlC-PzNNilyRKCDjh7gGZoAPjG9VYbIQJGfPTeEnwunN6MFT1VO3LgS_TPynFV9aGAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsscqNnSgWkVnwFdrCKCoDJuvft2F8iBjL5KwPRvAqwQ_l8ohDQ9DdLiRptWIz2aQNBg2GP7WiZA9031O7cirGaRFpe44xjftjcCbyw8cQ0VYddthzGY7ByT4yyavta8EDtmIoBR4iaX6YRb-KsTmzz6DnFslVaZtMQZiteLEzLMk15mDt6X3htd0DlHhWK4hUoIEcXmdJOppoVGwOHODk4xpy7se9Uu8n7b7mBd5rWfuo82VPmnfAS4SikLMKnct31FKzNbna7MPPNId5odFNE5NeWIiYX2iFrKPpYJy1i_r1CgWjDjkm5yacoHphUuDIvx20q7dJQmN0mOWJzBJTLR9KtL2WontewfOApk17OvTNS2ZS6qBS70hLcBI-0Z49Ny0y2WbJbm3wtbl3KB_H2NE2_BnA%26sai%3DAMfl-YR8vurmb5honInoZJFeY4FdlfRAQvGAiK8Amt7gjEIhMWi7XRgwwuarxdIoqj9GEfLepcWfD_KI73q3I-495C0Dx8lf1iIY7uQwdStfyREw6crmTEVaLZmUgy3tyw%26sig%3DCg0ArKJSzDEL4JjhPJuyEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=716646912007210400&adk=3944675603&idt=524&cac=0&dtd=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dot.gif
s0.2mdn.net/ Frame 4858 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 08:57:57 GMT
x-content-type-options
nosniff
age
43984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Dec 2023 08:57:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 70CC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
17160
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 16:25:01 GMT
etag
48472445140208031
expires
Sun, 24 Dec 2023 16:25:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4858 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c54583c406cc206fb37e83d4f4de04cb54ff3c1a129426ca60a826b90d4a2a7e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4858 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzTe63MvcWV1iTl7k_yDj0R_Z0YPxJZriSZVFNywn5UU6Bz-SuWnsvv58II9NspQiPrqa8e4Y_6tz2Gka0A6LRpNiZNuJkzt7zsXU726pwdocUL_RP4iKoqQK06KJLSrRq-akBwHJ5z7644BMkLSKWqEFb9BfZVhweYuf_BBb0VIOcrf6tYb2Og8YFOXYuh35f5h4QT6_d94nz3UdVHyF8Lnpy9AqtUVGrs4OwxDqVKpXzmPkKihlfodSw2_X__5GNOXwcEJ4N7twzXy1WTB-Xm6m4-CVi2yEuvrChlV__hkBzXEeZqgwjCZVejX5GddfzuDvds_qusPy52IsAAyA38iqVPYOwCrrfPVZPkt8fHXwAvsJM6Vr678q1g0ggJAPNPXnFEsnALZq4QUFiSbYXHWLuJyWreNCD&sai=AMfl-YRf11rZgL5qffunq2OpzkjXTxRnzStoNJ5GA-olsbM2bVOUpzrbIFuvpJFF7BRjegtIts6qVydXE5GkpYzDZgaBSOp-niKtL5N5JVlo5pR4Nbleh7Rs2VOizGcOhQ&sig=Cg0ArKJSzAx0ezhhuXQ3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Dec 2023 21:11:01 GMT
dot.gif
s0.2mdn.net/ Frame 99AA 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AABUTV61tl832iqjEady9Ad7ierNeTymc6eb6XAGLB3M9rN4_hi9TXPCOE6S60JJigR6EnW57qD18uwlEdla1LRn6jLl9Q4YZA9eVh4Ad_nGjC5jy9xf5j0m7BKrRjvXOmcA93RwreSpFFlo3ECzE_1dJk6bPI4TP-o-dOaq93T4WH8Ok&dbm_d=AKAmf-B2zd93pIR1f9nLGEdxrJcaWmg4SJQcC1ZrivPeMBbpkjbeZoYH07V8nXpV5GeMYPAEUXakGEt6V_rzg8jKOrLu1cXPzoxQClNy6teu3h2IPHqddY6VeHVTfFS2jTBs89QU4aFwdVVT4XLSHt2UdIbFQwzGlhGCmppLWWg_KnspnBQ7jb08Bx9cwpMMHRJ4G9vzVR6N0aTc4VaoJ-_hfl_T5YZJGzocwYS8Ca-Qbl0qxCDJ9ve-IQgMoPGj3Mrt0uKcOEl8n-B3UxNcYPsnzGqE7udnl_xRwIIUQgMAbKYcH918BsGYlaLmb7UwfCY5Nv8LejR3OjHXKxaAopPvaanXCptF1gZKKXHprs059GcwHTLEfns_bMdOrAeHFwR_WkR3v7sjthlSIFmUf_EFTapRPZLfJ3C64YJe298_Oh2w8kV39x-6YUVNAQ642qwg_GH-yKyaNm12IetOvfWLquW5Bt3D1iAPa72tm5L5c2r5Uoq7vGPh3DkgcqS_C24xe1sNTQK5iccHQcaYdfaMkYEfEpYlcLdqsd10RcRK9mtQ4jUHKpIlUcRqE-Pnd3LeyAdBpzNSaVAn25zGmbZCY2-6r7XmEUzKuJpvb3LGL3J9lDyVp29Ww1IvLSW8YJH6ZTARIuXVy9l8exgI44FyjscJjyYlp0xWnYKEBBeFmUbsskSPri9GgVefSOoiu7jFu8aT_RBhFwYQWCrhGRHrEn2rY0ye02MCvTtzK7Wr5AXhi3J3JneyZyRHxKDGpsTyClN1DL9llLYj8p7Wkld-S_1YcLilxwarx69AVpBmZ1ETWyvaapxAkZDRuOfclsj6T-kjGWoIQ-CPz-vV3NfWQ8XVExqALxr6rb5FQWcI1tGnDPjQP2nRPwXTXqh2-4hVteVmM8iubCbwTjx38WNxzLDq7Xy54rlvUh9SpoNoSLR2QDYkR3VNeR1440dRvZxguhx7X9c33N55sfBh8llidSjbIVZFVz-kFaGwSpJF2VNjEij9c6H2hRWhOZrXpIk8QhtTHOp4rlPNnj8wKiNIbNE9dEI6Nl3wvNsvDKm8byDnMYLfp24MPaUMBbNUuSQRtSSKykZ65xpNSFWcPX-_8U-JAhVJEvIrAvHhrQPaxw7_p2qpNCwnKASLoepexgWqLwFZFdJp0Ry3qDE47QSc967yj3eSJE_bsrNdKGpuJgIjpVBgaBYITE76dptFPIXxjQgrx6AiNv9P9H_KtfRJ6jv3zn03hSj1tDHhhhf5IVSB_XQ4PwcNU0yPD4JC7LzNRuoqyOOgSPOHDpRi4xNK8OcOBbCxMVx1Ooo-4FkWhFh59FSyntBnnx0u1NA0GBOWcjsYU5nYcY9GqKcvHUMjJn4bK5uqzUCczZXuy_mOSEt7TNARpa0lnpRT4v0YxIhUTY00k9fhsb1B3Brecp_PqSIoVbzKeMSbCd4DeHeSImwnXlCOa6zIbl8gcwvyS3UWU9uoFbwQJ3WYA6vBlR6BBiJ05fNopMEnxOfPfsGxX2zKZ0be2hDYo8Pso14wHkIlqppKQRJgEKNr8ePffGNopTvyUQ2mCtML5aq3UwklyRunhK9szHClNRMMrYLNjpgXyiml5pH78A1xtF_T2UvKIxysX19bXnJ2hB0_96oj7o_DmnhqbYSrGwqy7bUlq3uaRu5W4q2GtZsb1sCkQtI957xbpAMZTHdB0PTKM_N1isABlqJ6rxQiMsJRC_vItVJK0Ol4BzgmrYv9vc8eMp6jNKgwMg_zI5btdEsvsmHrQ0psigpmjQM6LoB3k4irIAwhLHlarc8b08VBWCFsu0kbpKtGgM-_bcqPwo9EJDF6FCFwq82jnvP7Ypevx4G9NyAr1wfV-Tn7GQOJ74ZSgmErynUfs9b8O8VWDx9BTdN0Wxw0cylMvg-JFRObSAf96O9TaeovdSr9MTYAVSXI3HNL4sWNm0_2lYd_0fL3w_9njNuDA3aRWc1oNZXh9GZdS0BeYTQX_5WzxFL6dS4uESg1yTQ11y1Ikl_UQM-BtA4I-CJoO8GvQPZ4MGuZfMakOpIldz21vwEamluPceC4qbeKRIv60d8kWtXp1bKXBh2tPWNmzybNAw5zuogE5kGaDJbNy-FDERDPGwkS4fqv5HgXG-NObhew2N5aATLUbGVDZ7EjZOxPC7BFAO1QLzI-vo1SaMH8CnWeDxlcjrt_xZu3zwoDywMPZx80ULrDMCQ4V2fyo9Euzmqd6qM2dyUhgQpIfM5TsdAQIBNY5BTF5iqur--kT430aDkxExO0GV4tzrSddqCjIbLoehi4zLezN-btJsyGXwQ2TxnlrOY_nfYGKYhtGfXTG5_ZHZ7Zd8YzipFMU0u5rDPPC3uR0SxYELubD1sMceVBi5oR_6ITGpMBy1Uu6VhxCA3tKmy-4wjWl10Rt-ewamGIXu7ZNeea5cVDwRYRrAaIwZjtqhwExNLo_Ip-CgcFhr9wYDmd61sTuWO_eDj7Gw6fjCp-LBYf-U_J1JAKIVjhLIogF7wxUpiOM3_SbzsC6ozQA7vmIQSxv45OoxB7mExlgUG6CF0h1XIa0IkW0OqEM8OdEYD8tzNnbG92CqIGmniwrGNT39121j23bDYurismvymFjbziVORf4xvw5vJU8VZHkyfZll8MPFF3iiSjaRmqkb8X05YovCYEKQlAU3l9oj-UwvOnXSg6e9rAHBEK-euuF6DFlh0MQx190kdEkNuQ2zXLiLn82fZY9RGGYsuiIxUSFAG6zvv2z5mnuzMrfHfb28SX22QXbCiTr29cfJxUWfNo54XroovnJoKHm2vsksHNGrEj9jvqpMhqyINrrjlo02lSQ7cM0sV_xoUS85hFTb1H7yHwJM7yITVrRETSZOytxbgiCl0r7f5FY1i_KL8H7HNnimv7atFjkOecwsQm5RCIjNsuIQawOyDSTlPODU4CCV_7Drr81pjmhDnjLMoqaQ_EP1JJyOssNNooLIZCKbXKQak__NyfzmWvb3AcZ-XDpI_9iY-WyzPde5_zW-MvLyC2NcZngfJYl6zz2EEwsB-HfIdADVYAhNnm4768hvMX2n6Rg7uo0ZebknbPE_s4ZS8kSIB38hiqBIc_62Q4f7GLuMK6JPJ3YQr_YerKpqvXq4-jyeuGRjqfD4lkfFDJ-rpfic8S33-aV1jvXAYctqz3xlnJlyylf6x5AwxfSbXwQn4HDfpMvkAZwYJ3n4Y0WnjbBtkBykI7uTjSfHAiVLyAPYr1awv8Z6NZuRzKY8DQdWHuHmGYChY3bE_XMmDbtllfrqwhd1vBhl_JQFl49v6IlqU_j4UB55teyZns547Z6RkAX8ZqhO9imXk9UaheizFzS2R9K04rBLPsqIgWtTfBkO9Q2grsELyLL6fsc1QNtF1SbsHsNGcZXylMAUI__FrthIzyHgj4aqHZ_7Dfq2oA_rcqmKN81WmGZNR4N9cZrhOtMihRBO5Nuawbf4IbwaRDShV_EilRPocaLczKlOVTG53AJHaeY367aQCAcWj-tz57Hx6ZathwlL5jTXGoH_zNgEkWNJXrYli3kUaqqCXiPaFMf03Ga_CTiXVbS0Ti0V7J4OL5eLG29kUo_ZcwGcXwbyOC-KmYk2E9ja0BvPZBlqdbEWd69kntJrzLNGzuYvN_Qo3Z5ma2OttDxY-3UfFetCsMh3Rm1iqn1c42HkzDYaPGFFOuK46Nic2b192XWgpmYV3adicGHoy0cJxs5OcV7dlj-bm3B-zpuSjM7yIcjqVVjd6R002D2CQbLAB-BH8Qr4ZR2lYaYGEGbi8y3k4D-FMCabEoQkcIiqKZb1Kwb3vUk06KKXcpagAJ3F76lmrgk2gblx976cQbRwWfzzk_Vxws59b6d-uBNHT809ILOJCRpY8Ih8jf57BShPnvcI_CGEI3MLDjBB_BfypYCYb0-M-l25QA3VshsPNANRbTJuTSlTTwWkWAllzWsrU_tWMia_xamMlnuZrgWzF6xVLnBsKg-x7wx0aboEHewKPV-ztTv84ZQ3IWtbyMg7omj4C14rPN8R6xxMLQ9YHkomEDwbDonCM7Io6ZAOCyy6tg07hBzY1qmnfDmzM-vsiydjGsEGg0wRPZ9d5JZ0GskH1dLEuo1xMhVLoAzK7SxRDQWqU7Fq8Tpp1VVsx9bGUJ8AU-OqSZ728McvDL9iASx7xLt1IYy66yfBqwzZaD-3L3iIaqZNIzRbM-0dHvyV85ZwcQjwy5gr9JpfS34wAk1R67Pb9M71mU3JdEfWF4YEFKbPzJK6OAotmMWo_ZNsNis4tg8W3J2sIqtBLHTUZg47oeUI9l7ZwSBuexf6kWGWujqHWyvpy8S7tk88mCsyzDeVhKWbD8HbB6Ru_s3g_QnoyTyfReGnUQEd1L7rBIZK5YGNC2F4C4tnNF1tCIa5euT4M_s8joAnVIhp5boSotYRtVDT_P6EUSRs_PmQrRxJQCn0FEhbdx6ihM6MjUGQLGTk5Da4q4wfgAUZrxa3b4UDc80kFJrxe9RXk0yh6c_8fS_tKjMybEtpUCtmrHTBn3Aee7HD58r2hnqLBJpjeuUacUVjnPVc70QsKcUt_siVxjugGc5FWs5R6MNii_V2gjqonccjvP98Bq_s0cuE3yJIaTmcinU2KlNiYWyc9EpTgq1AkztQISXfS4JsjVYnKT4g16b10PjbNzhhZ9-ksazjZ_rEgZx42uxd2H6ZGApkf1sa2SHa5tG0ePccJp90CB7cErXgO58Pku-YisVi4DJSfifQUtrBEGj8Z4FzSIO-EczvX3WL074O6GFY2aMBjKze9Rs1OtdBI7WxYXnQ2MgAqXrKDZNOkB1_Fw9otEHF3s4btMO_FhG508xqrSnpH6usTqIqX5Pc78fmXhXykEg0eYdNZhHePrj3VK0Kxhdy_1MBkeKG_KZpIZJQLnLte0ocIbSz8Ue36X9EYlAyd25zceycckwwiPgX1I8rfAOYMoNGUNjC_gDtM9-hM2aINajfT4MfdtBjrN8Yx2jLWORdqsyJA3qxyjf7KuGRaM50Z9v0lxMVXx0hCU0hnfmChogfUFNKA2MpLzVrtKDpvrTVRnTvDJBA646LUSEbVA2DgDfJyCtqxVFa09x18P-iv3ingfD-1B_nDlBzWoaxM44Mp85PjZs31MwFwMMaZMECsV492FW1sOU5bbN_R_KoBYYr8RAfZdtHdE1le0Ntzu1yxGh4ImDEMNjo5KbvUAiSnlW6qf2nV3K9_nIMVgm5CpeuGLkuclHZ2pc7cFchTbjaiXkKi-6lX3R9BEuxJLT0Cp03loynf2XZFidzDSquzcAR88suRoqjRq3_sQbskN0B2zB0dyXU0FmB133JQ6E6MhdY1IrcICAr_PhhcF1aJUMg3JSYz4_uVWzS27hMSjkehBMQI1p3XKaIY4jw&cid=CAQSOwAvHhf_q_3Fb95D-UT7tsfzhc8Wz2QZF6sf9P7p4B2JA0v3HOCafmidfcX2Y_-5GW6-Lv5CMAaT9bi3GAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvGhRAGAF14jS6Yec6IU04n8ybcE6WePxh6j39i5KJb_HBn344K7UkvDTIN6ESHTDAGbKDxeHNFmDIq4VssEb6tyyDGt5wriP3SnlcDA5HtpDuUNLw9oovtumgdFv2hH6jTPNN631Fl2WjNtsOTGIUY2hCu1J4t159aBvzTcSc6fM7CyA-ntgMo4ik5Te_xYIH1jxFrC-V1zIOyVvSZfCLhazHzvTmHvc3sk_GEvwv4zMkutO1yZ4aZKLjSum7mwl5vFR_SB_jcWC0doSydgOdOcs0APEG4pz26QoZvXPfRRud1nC28zp5IxVF7osEWSyGjFVCzqLvmjS-HmEXshziTLnXUN4PhN-qKOSXJz3Fv2kcsjWSJR7uSULhGDOPZrKz0KJ2Bgm5cypWWddzV-YDuylgFaQ%26sai%3DAMfl-YQ4qFNoSgPQptpI12dwlV1-V3RrDG5QMbXkKMHBFzDVqHgK4X6dKOWLzbr1HWdHia9hYYpy2YjFm86bnxiSWq_q10AfjJ9O5ZW33a_cDuWOBCB8aHA_im67SLm6kg%26sig%3DCg0ArKJSzL16vjB1LY8fEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=7926059378081780000&adk=943508964&idt=530&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 08:57:57 GMT
x-content-type-options
nosniff
age
43984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Dec 2023 08:57:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 99AA 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AABUTV61tl832iqjEady9Ad7ierNeTymc6eb6XAGLB3M9rN4_hi9TXPCOE6S60JJigR6EnW57qD18uwlEdla1LRn6jLl9Q4YZA9eVh4Ad_nGjC5jy9xf5j0m7BKrRjvXOmcA93RwreSpFFlo3ECzE_1dJk6bPI4TP-o-dOaq93T4WH8Ok&dbm_d=AKAmf-B2zd93pIR1f9nLGEdxrJcaWmg4SJQcC1ZrivPeMBbpkjbeZoYH07V8nXpV5GeMYPAEUXakGEt6V_rzg8jKOrLu1cXPzoxQClNy6teu3h2IPHqddY6VeHVTfFS2jTBs89QU4aFwdVVT4XLSHt2UdIbFQwzGlhGCmppLWWg_KnspnBQ7jb08Bx9cwpMMHRJ4G9vzVR6N0aTc4VaoJ-_hfl_T5YZJGzocwYS8Ca-Qbl0qxCDJ9ve-IQgMoPGj3Mrt0uKcOEl8n-B3UxNcYPsnzGqE7udnl_xRwIIUQgMAbKYcH918BsGYlaLmb7UwfCY5Nv8LejR3OjHXKxaAopPvaanXCptF1gZKKXHprs059GcwHTLEfns_bMdOrAeHFwR_WkR3v7sjthlSIFmUf_EFTapRPZLfJ3C64YJe298_Oh2w8kV39x-6YUVNAQ642qwg_GH-yKyaNm12IetOvfWLquW5Bt3D1iAPa72tm5L5c2r5Uoq7vGPh3DkgcqS_C24xe1sNTQK5iccHQcaYdfaMkYEfEpYlcLdqsd10RcRK9mtQ4jUHKpIlUcRqE-Pnd3LeyAdBpzNSaVAn25zGmbZCY2-6r7XmEUzKuJpvb3LGL3J9lDyVp29Ww1IvLSW8YJH6ZTARIuXVy9l8exgI44FyjscJjyYlp0xWnYKEBBeFmUbsskSPri9GgVefSOoiu7jFu8aT_RBhFwYQWCrhGRHrEn2rY0ye02MCvTtzK7Wr5AXhi3J3JneyZyRHxKDGpsTyClN1DL9llLYj8p7Wkld-S_1YcLilxwarx69AVpBmZ1ETWyvaapxAkZDRuOfclsj6T-kjGWoIQ-CPz-vV3NfWQ8XVExqALxr6rb5FQWcI1tGnDPjQP2nRPwXTXqh2-4hVteVmM8iubCbwTjx38WNxzLDq7Xy54rlvUh9SpoNoSLR2QDYkR3VNeR1440dRvZxguhx7X9c33N55sfBh8llidSjbIVZFVz-kFaGwSpJF2VNjEij9c6H2hRWhOZrXpIk8QhtTHOp4rlPNnj8wKiNIbNE9dEI6Nl3wvNsvDKm8byDnMYLfp24MPaUMBbNUuSQRtSSKykZ65xpNSFWcPX-_8U-JAhVJEvIrAvHhrQPaxw7_p2qpNCwnKASLoepexgWqLwFZFdJp0Ry3qDE47QSc967yj3eSJE_bsrNdKGpuJgIjpVBgaBYITE76dptFPIXxjQgrx6AiNv9P9H_KtfRJ6jv3zn03hSj1tDHhhhf5IVSB_XQ4PwcNU0yPD4JC7LzNRuoqyOOgSPOHDpRi4xNK8OcOBbCxMVx1Ooo-4FkWhFh59FSyntBnnx0u1NA0GBOWcjsYU5nYcY9GqKcvHUMjJn4bK5uqzUCczZXuy_mOSEt7TNARpa0lnpRT4v0YxIhUTY00k9fhsb1B3Brecp_PqSIoVbzKeMSbCd4DeHeSImwnXlCOa6zIbl8gcwvyS3UWU9uoFbwQJ3WYA6vBlR6BBiJ05fNopMEnxOfPfsGxX2zKZ0be2hDYo8Pso14wHkIlqppKQRJgEKNr8ePffGNopTvyUQ2mCtML5aq3UwklyRunhK9szHClNRMMrYLNjpgXyiml5pH78A1xtF_T2UvKIxysX19bXnJ2hB0_96oj7o_DmnhqbYSrGwqy7bUlq3uaRu5W4q2GtZsb1sCkQtI957xbpAMZTHdB0PTKM_N1isABlqJ6rxQiMsJRC_vItVJK0Ol4BzgmrYv9vc8eMp6jNKgwMg_zI5btdEsvsmHrQ0psigpmjQM6LoB3k4irIAwhLHlarc8b08VBWCFsu0kbpKtGgM-_bcqPwo9EJDF6FCFwq82jnvP7Ypevx4G9NyAr1wfV-Tn7GQOJ74ZSgmErynUfs9b8O8VWDx9BTdN0Wxw0cylMvg-JFRObSAf96O9TaeovdSr9MTYAVSXI3HNL4sWNm0_2lYd_0fL3w_9njNuDA3aRWc1oNZXh9GZdS0BeYTQX_5WzxFL6dS4uESg1yTQ11y1Ikl_UQM-BtA4I-CJoO8GvQPZ4MGuZfMakOpIldz21vwEamluPceC4qbeKRIv60d8kWtXp1bKXBh2tPWNmzybNAw5zuogE5kGaDJbNy-FDERDPGwkS4fqv5HgXG-NObhew2N5aATLUbGVDZ7EjZOxPC7BFAO1QLzI-vo1SaMH8CnWeDxlcjrt_xZu3zwoDywMPZx80ULrDMCQ4V2fyo9Euzmqd6qM2dyUhgQpIfM5TsdAQIBNY5BTF5iqur--kT430aDkxExO0GV4tzrSddqCjIbLoehi4zLezN-btJsyGXwQ2TxnlrOY_nfYGKYhtGfXTG5_ZHZ7Zd8YzipFMU0u5rDPPC3uR0SxYELubD1sMceVBi5oR_6ITGpMBy1Uu6VhxCA3tKmy-4wjWl10Rt-ewamGIXu7ZNeea5cVDwRYRrAaIwZjtqhwExNLo_Ip-CgcFhr9wYDmd61sTuWO_eDj7Gw6fjCp-LBYf-U_J1JAKIVjhLIogF7wxUpiOM3_SbzsC6ozQA7vmIQSxv45OoxB7mExlgUG6CF0h1XIa0IkW0OqEM8OdEYD8tzNnbG92CqIGmniwrGNT39121j23bDYurismvymFjbziVORf4xvw5vJU8VZHkyfZll8MPFF3iiSjaRmqkb8X05YovCYEKQlAU3l9oj-UwvOnXSg6e9rAHBEK-euuF6DFlh0MQx190kdEkNuQ2zXLiLn82fZY9RGGYsuiIxUSFAG6zvv2z5mnuzMrfHfb28SX22QXbCiTr29cfJxUWfNo54XroovnJoKHm2vsksHNGrEj9jvqpMhqyINrrjlo02lSQ7cM0sV_xoUS85hFTb1H7yHwJM7yITVrRETSZOytxbgiCl0r7f5FY1i_KL8H7HNnimv7atFjkOecwsQm5RCIjNsuIQawOyDSTlPODU4CCV_7Drr81pjmhDnjLMoqaQ_EP1JJyOssNNooLIZCKbXKQak__NyfzmWvb3AcZ-XDpI_9iY-WyzPde5_zW-MvLyC2NcZngfJYl6zz2EEwsB-HfIdADVYAhNnm4768hvMX2n6Rg7uo0ZebknbPE_s4ZS8kSIB38hiqBIc_62Q4f7GLuMK6JPJ3YQr_YerKpqvXq4-jyeuGRjqfD4lkfFDJ-rpfic8S33-aV1jvXAYctqz3xlnJlyylf6x5AwxfSbXwQn4HDfpMvkAZwYJ3n4Y0WnjbBtkBykI7uTjSfHAiVLyAPYr1awv8Z6NZuRzKY8DQdWHuHmGYChY3bE_XMmDbtllfrqwhd1vBhl_JQFl49v6IlqU_j4UB55teyZns547Z6RkAX8ZqhO9imXk9UaheizFzS2R9K04rBLPsqIgWtTfBkO9Q2grsELyLL6fsc1QNtF1SbsHsNGcZXylMAUI__FrthIzyHgj4aqHZ_7Dfq2oA_rcqmKN81WmGZNR4N9cZrhOtMihRBO5Nuawbf4IbwaRDShV_EilRPocaLczKlOVTG53AJHaeY367aQCAcWj-tz57Hx6ZathwlL5jTXGoH_zNgEkWNJXrYli3kUaqqCXiPaFMf03Ga_CTiXVbS0Ti0V7J4OL5eLG29kUo_ZcwGcXwbyOC-KmYk2E9ja0BvPZBlqdbEWd69kntJrzLNGzuYvN_Qo3Z5ma2OttDxY-3UfFetCsMh3Rm1iqn1c42HkzDYaPGFFOuK46Nic2b192XWgpmYV3adicGHoy0cJxs5OcV7dlj-bm3B-zpuSjM7yIcjqVVjd6R002D2CQbLAB-BH8Qr4ZR2lYaYGEGbi8y3k4D-FMCabEoQkcIiqKZb1Kwb3vUk06KKXcpagAJ3F76lmrgk2gblx976cQbRwWfzzk_Vxws59b6d-uBNHT809ILOJCRpY8Ih8jf57BShPnvcI_CGEI3MLDjBB_BfypYCYb0-M-l25QA3VshsPNANRbTJuTSlTTwWkWAllzWsrU_tWMia_xamMlnuZrgWzF6xVLnBsKg-x7wx0aboEHewKPV-ztTv84ZQ3IWtbyMg7omj4C14rPN8R6xxMLQ9YHkomEDwbDonCM7Io6ZAOCyy6tg07hBzY1qmnfDmzM-vsiydjGsEGg0wRPZ9d5JZ0GskH1dLEuo1xMhVLoAzK7SxRDQWqU7Fq8Tpp1VVsx9bGUJ8AU-OqSZ728McvDL9iASx7xLt1IYy66yfBqwzZaD-3L3iIaqZNIzRbM-0dHvyV85ZwcQjwy5gr9JpfS34wAk1R67Pb9M71mU3JdEfWF4YEFKbPzJK6OAotmMWo_ZNsNis4tg8W3J2sIqtBLHTUZg47oeUI9l7ZwSBuexf6kWGWujqHWyvpy8S7tk88mCsyzDeVhKWbD8HbB6Ru_s3g_QnoyTyfReGnUQEd1L7rBIZK5YGNC2F4C4tnNF1tCIa5euT4M_s8joAnVIhp5boSotYRtVDT_P6EUSRs_PmQrRxJQCn0FEhbdx6ihM6MjUGQLGTk5Da4q4wfgAUZrxa3b4UDc80kFJrxe9RXk0yh6c_8fS_tKjMybEtpUCtmrHTBn3Aee7HD58r2hnqLBJpjeuUacUVjnPVc70QsKcUt_siVxjugGc5FWs5R6MNii_V2gjqonccjvP98Bq_s0cuE3yJIaTmcinU2KlNiYWyc9EpTgq1AkztQISXfS4JsjVYnKT4g16b10PjbNzhhZ9-ksazjZ_rEgZx42uxd2H6ZGApkf1sa2SHa5tG0ePccJp90CB7cErXgO58Pku-YisVi4DJSfifQUtrBEGj8Z4FzSIO-EczvX3WL074O6GFY2aMBjKze9Rs1OtdBI7WxYXnQ2MgAqXrKDZNOkB1_Fw9otEHF3s4btMO_FhG508xqrSnpH6usTqIqX5Pc78fmXhXykEg0eYdNZhHePrj3VK0Kxhdy_1MBkeKG_KZpIZJQLnLte0ocIbSz8Ue36X9EYlAyd25zceycckwwiPgX1I8rfAOYMoNGUNjC_gDtM9-hM2aINajfT4MfdtBjrN8Yx2jLWORdqsyJA3qxyjf7KuGRaM50Z9v0lxMVXx0hCU0hnfmChogfUFNKA2MpLzVrtKDpvrTVRnTvDJBA646LUSEbVA2DgDfJyCtqxVFa09x18P-iv3ingfD-1B_nDlBzWoaxM44Mp85PjZs31MwFwMMaZMECsV492FW1sOU5bbN_R_KoBYYr8RAfZdtHdE1le0Ntzu1yxGh4ImDEMNjo5KbvUAiSnlW6qf2nV3K9_nIMVgm5CpeuGLkuclHZ2pc7cFchTbjaiXkKi-6lX3R9BEuxJLT0Cp03loynf2XZFidzDSquzcAR88suRoqjRq3_sQbskN0B2zB0dyXU0FmB133JQ6E6MhdY1IrcICAr_PhhcF1aJUMg3JSYz4_uVWzS27hMSjkehBMQI1p3XKaIY4jw&cid=CAQSOwAvHhf_q_3Fb95D-UT7tsfzhc8Wz2QZF6sf9P7p4B2JA0v3HOCafmidfcX2Y_-5GW6-Lv5CMAaT9bi3GAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvGhRAGAF14jS6Yec6IU04n8ybcE6WePxh6j39i5KJb_HBn344K7UkvDTIN6ESHTDAGbKDxeHNFmDIq4VssEb6tyyDGt5wriP3SnlcDA5HtpDuUNLw9oovtumgdFv2hH6jTPNN631Fl2WjNtsOTGIUY2hCu1J4t159aBvzTcSc6fM7CyA-ntgMo4ik5Te_xYIH1jxFrC-V1zIOyVvSZfCLhazHzvTmHvc3sk_GEvwv4zMkutO1yZ4aZKLjSum7mwl5vFR_SB_jcWC0doSydgOdOcs0APEG4pz26QoZvXPfRRud1nC28zp5IxVF7osEWSyGjFVCzqLvmjS-HmEXshziTLnXUN4PhN-qKOSXJz3Fv2kcsjWSJR7uSULhGDOPZrKz0KJ2Bgm5cypWWddzV-YDuylgFaQ%26sai%3DAMfl-YQ4qFNoSgPQptpI12dwlV1-V3RrDG5QMbXkKMHBFzDVqHgK4X6dKOWLzbr1HWdHia9hYYpy2YjFm86bnxiSWq_q10AfjJ9O5ZW33a_cDuWOBCB8aHA_im67SLm6kg%26sig%3DCg0ArKJSzL16vjB1LY8fEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=7926059378081780000&adk=943508964&idt=530&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 23:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 23:42:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 99AA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AABUTV61tl832iqjEady9Ad7ierNeTymc6eb6XAGLB3M9rN4_hi9TXPCOE6S60JJigR6EnW57qD18uwlEdla1LRn6jLl9Q4YZA9eVh4Ad_nGjC5jy9xf5j0m7BKrRjvXOmcA93RwreSpFFlo3ECzE_1dJk6bPI4TP-o-dOaq93T4WH8Ok&dbm_d=AKAmf-B2zd93pIR1f9nLGEdxrJcaWmg4SJQcC1ZrivPeMBbpkjbeZoYH07V8nXpV5GeMYPAEUXakGEt6V_rzg8jKOrLu1cXPzoxQClNy6teu3h2IPHqddY6VeHVTfFS2jTBs89QU4aFwdVVT4XLSHt2UdIbFQwzGlhGCmppLWWg_KnspnBQ7jb08Bx9cwpMMHRJ4G9vzVR6N0aTc4VaoJ-_hfl_T5YZJGzocwYS8Ca-Qbl0qxCDJ9ve-IQgMoPGj3Mrt0uKcOEl8n-B3UxNcYPsnzGqE7udnl_xRwIIUQgMAbKYcH918BsGYlaLmb7UwfCY5Nv8LejR3OjHXKxaAopPvaanXCptF1gZKKXHprs059GcwHTLEfns_bMdOrAeHFwR_WkR3v7sjthlSIFmUf_EFTapRPZLfJ3C64YJe298_Oh2w8kV39x-6YUVNAQ642qwg_GH-yKyaNm12IetOvfWLquW5Bt3D1iAPa72tm5L5c2r5Uoq7vGPh3DkgcqS_C24xe1sNTQK5iccHQcaYdfaMkYEfEpYlcLdqsd10RcRK9mtQ4jUHKpIlUcRqE-Pnd3LeyAdBpzNSaVAn25zGmbZCY2-6r7XmEUzKuJpvb3LGL3J9lDyVp29Ww1IvLSW8YJH6ZTARIuXVy9l8exgI44FyjscJjyYlp0xWnYKEBBeFmUbsskSPri9GgVefSOoiu7jFu8aT_RBhFwYQWCrhGRHrEn2rY0ye02MCvTtzK7Wr5AXhi3J3JneyZyRHxKDGpsTyClN1DL9llLYj8p7Wkld-S_1YcLilxwarx69AVpBmZ1ETWyvaapxAkZDRuOfclsj6T-kjGWoIQ-CPz-vV3NfWQ8XVExqALxr6rb5FQWcI1tGnDPjQP2nRPwXTXqh2-4hVteVmM8iubCbwTjx38WNxzLDq7Xy54rlvUh9SpoNoSLR2QDYkR3VNeR1440dRvZxguhx7X9c33N55sfBh8llidSjbIVZFVz-kFaGwSpJF2VNjEij9c6H2hRWhOZrXpIk8QhtTHOp4rlPNnj8wKiNIbNE9dEI6Nl3wvNsvDKm8byDnMYLfp24MPaUMBbNUuSQRtSSKykZ65xpNSFWcPX-_8U-JAhVJEvIrAvHhrQPaxw7_p2qpNCwnKASLoepexgWqLwFZFdJp0Ry3qDE47QSc967yj3eSJE_bsrNdKGpuJgIjpVBgaBYITE76dptFPIXxjQgrx6AiNv9P9H_KtfRJ6jv3zn03hSj1tDHhhhf5IVSB_XQ4PwcNU0yPD4JC7LzNRuoqyOOgSPOHDpRi4xNK8OcOBbCxMVx1Ooo-4FkWhFh59FSyntBnnx0u1NA0GBOWcjsYU5nYcY9GqKcvHUMjJn4bK5uqzUCczZXuy_mOSEt7TNARpa0lnpRT4v0YxIhUTY00k9fhsb1B3Brecp_PqSIoVbzKeMSbCd4DeHeSImwnXlCOa6zIbl8gcwvyS3UWU9uoFbwQJ3WYA6vBlR6BBiJ05fNopMEnxOfPfsGxX2zKZ0be2hDYo8Pso14wHkIlqppKQRJgEKNr8ePffGNopTvyUQ2mCtML5aq3UwklyRunhK9szHClNRMMrYLNjpgXyiml5pH78A1xtF_T2UvKIxysX19bXnJ2hB0_96oj7o_DmnhqbYSrGwqy7bUlq3uaRu5W4q2GtZsb1sCkQtI957xbpAMZTHdB0PTKM_N1isABlqJ6rxQiMsJRC_vItVJK0Ol4BzgmrYv9vc8eMp6jNKgwMg_zI5btdEsvsmHrQ0psigpmjQM6LoB3k4irIAwhLHlarc8b08VBWCFsu0kbpKtGgM-_bcqPwo9EJDF6FCFwq82jnvP7Ypevx4G9NyAr1wfV-Tn7GQOJ74ZSgmErynUfs9b8O8VWDx9BTdN0Wxw0cylMvg-JFRObSAf96O9TaeovdSr9MTYAVSXI3HNL4sWNm0_2lYd_0fL3w_9njNuDA3aRWc1oNZXh9GZdS0BeYTQX_5WzxFL6dS4uESg1yTQ11y1Ikl_UQM-BtA4I-CJoO8GvQPZ4MGuZfMakOpIldz21vwEamluPceC4qbeKRIv60d8kWtXp1bKXBh2tPWNmzybNAw5zuogE5kGaDJbNy-FDERDPGwkS4fqv5HgXG-NObhew2N5aATLUbGVDZ7EjZOxPC7BFAO1QLzI-vo1SaMH8CnWeDxlcjrt_xZu3zwoDywMPZx80ULrDMCQ4V2fyo9Euzmqd6qM2dyUhgQpIfM5TsdAQIBNY5BTF5iqur--kT430aDkxExO0GV4tzrSddqCjIbLoehi4zLezN-btJsyGXwQ2TxnlrOY_nfYGKYhtGfXTG5_ZHZ7Zd8YzipFMU0u5rDPPC3uR0SxYELubD1sMceVBi5oR_6ITGpMBy1Uu6VhxCA3tKmy-4wjWl10Rt-ewamGIXu7ZNeea5cVDwRYRrAaIwZjtqhwExNLo_Ip-CgcFhr9wYDmd61sTuWO_eDj7Gw6fjCp-LBYf-U_J1JAKIVjhLIogF7wxUpiOM3_SbzsC6ozQA7vmIQSxv45OoxB7mExlgUG6CF0h1XIa0IkW0OqEM8OdEYD8tzNnbG92CqIGmniwrGNT39121j23bDYurismvymFjbziVORf4xvw5vJU8VZHkyfZll8MPFF3iiSjaRmqkb8X05YovCYEKQlAU3l9oj-UwvOnXSg6e9rAHBEK-euuF6DFlh0MQx190kdEkNuQ2zXLiLn82fZY9RGGYsuiIxUSFAG6zvv2z5mnuzMrfHfb28SX22QXbCiTr29cfJxUWfNo54XroovnJoKHm2vsksHNGrEj9jvqpMhqyINrrjlo02lSQ7cM0sV_xoUS85hFTb1H7yHwJM7yITVrRETSZOytxbgiCl0r7f5FY1i_KL8H7HNnimv7atFjkOecwsQm5RCIjNsuIQawOyDSTlPODU4CCV_7Drr81pjmhDnjLMoqaQ_EP1JJyOssNNooLIZCKbXKQak__NyfzmWvb3AcZ-XDpI_9iY-WyzPde5_zW-MvLyC2NcZngfJYl6zz2EEwsB-HfIdADVYAhNnm4768hvMX2n6Rg7uo0ZebknbPE_s4ZS8kSIB38hiqBIc_62Q4f7GLuMK6JPJ3YQr_YerKpqvXq4-jyeuGRjqfD4lkfFDJ-rpfic8S33-aV1jvXAYctqz3xlnJlyylf6x5AwxfSbXwQn4HDfpMvkAZwYJ3n4Y0WnjbBtkBykI7uTjSfHAiVLyAPYr1awv8Z6NZuRzKY8DQdWHuHmGYChY3bE_XMmDbtllfrqwhd1vBhl_JQFl49v6IlqU_j4UB55teyZns547Z6RkAX8ZqhO9imXk9UaheizFzS2R9K04rBLPsqIgWtTfBkO9Q2grsELyLL6fsc1QNtF1SbsHsNGcZXylMAUI__FrthIzyHgj4aqHZ_7Dfq2oA_rcqmKN81WmGZNR4N9cZrhOtMihRBO5Nuawbf4IbwaRDShV_EilRPocaLczKlOVTG53AJHaeY367aQCAcWj-tz57Hx6ZathwlL5jTXGoH_zNgEkWNJXrYli3kUaqqCXiPaFMf03Ga_CTiXVbS0Ti0V7J4OL5eLG29kUo_ZcwGcXwbyOC-KmYk2E9ja0BvPZBlqdbEWd69kntJrzLNGzuYvN_Qo3Z5ma2OttDxY-3UfFetCsMh3Rm1iqn1c42HkzDYaPGFFOuK46Nic2b192XWgpmYV3adicGHoy0cJxs5OcV7dlj-bm3B-zpuSjM7yIcjqVVjd6R002D2CQbLAB-BH8Qr4ZR2lYaYGEGbi8y3k4D-FMCabEoQkcIiqKZb1Kwb3vUk06KKXcpagAJ3F76lmrgk2gblx976cQbRwWfzzk_Vxws59b6d-uBNHT809ILOJCRpY8Ih8jf57BShPnvcI_CGEI3MLDjBB_BfypYCYb0-M-l25QA3VshsPNANRbTJuTSlTTwWkWAllzWsrU_tWMia_xamMlnuZrgWzF6xVLnBsKg-x7wx0aboEHewKPV-ztTv84ZQ3IWtbyMg7omj4C14rPN8R6xxMLQ9YHkomEDwbDonCM7Io6ZAOCyy6tg07hBzY1qmnfDmzM-vsiydjGsEGg0wRPZ9d5JZ0GskH1dLEuo1xMhVLoAzK7SxRDQWqU7Fq8Tpp1VVsx9bGUJ8AU-OqSZ728McvDL9iASx7xLt1IYy66yfBqwzZaD-3L3iIaqZNIzRbM-0dHvyV85ZwcQjwy5gr9JpfS34wAk1R67Pb9M71mU3JdEfWF4YEFKbPzJK6OAotmMWo_ZNsNis4tg8W3J2sIqtBLHTUZg47oeUI9l7ZwSBuexf6kWGWujqHWyvpy8S7tk88mCsyzDeVhKWbD8HbB6Ru_s3g_QnoyTyfReGnUQEd1L7rBIZK5YGNC2F4C4tnNF1tCIa5euT4M_s8joAnVIhp5boSotYRtVDT_P6EUSRs_PmQrRxJQCn0FEhbdx6ihM6MjUGQLGTk5Da4q4wfgAUZrxa3b4UDc80kFJrxe9RXk0yh6c_8fS_tKjMybEtpUCtmrHTBn3Aee7HD58r2hnqLBJpjeuUacUVjnPVc70QsKcUt_siVxjugGc5FWs5R6MNii_V2gjqonccjvP98Bq_s0cuE3yJIaTmcinU2KlNiYWyc9EpTgq1AkztQISXfS4JsjVYnKT4g16b10PjbNzhhZ9-ksazjZ_rEgZx42uxd2H6ZGApkf1sa2SHa5tG0ePccJp90CB7cErXgO58Pku-YisVi4DJSfifQUtrBEGj8Z4FzSIO-EczvX3WL074O6GFY2aMBjKze9Rs1OtdBI7WxYXnQ2MgAqXrKDZNOkB1_Fw9otEHF3s4btMO_FhG508xqrSnpH6usTqIqX5Pc78fmXhXykEg0eYdNZhHePrj3VK0Kxhdy_1MBkeKG_KZpIZJQLnLte0ocIbSz8Ue36X9EYlAyd25zceycckwwiPgX1I8rfAOYMoNGUNjC_gDtM9-hM2aINajfT4MfdtBjrN8Yx2jLWORdqsyJA3qxyjf7KuGRaM50Z9v0lxMVXx0hCU0hnfmChogfUFNKA2MpLzVrtKDpvrTVRnTvDJBA646LUSEbVA2DgDfJyCtqxVFa09x18P-iv3ingfD-1B_nDlBzWoaxM44Mp85PjZs31MwFwMMaZMECsV492FW1sOU5bbN_R_KoBYYr8RAfZdtHdE1le0Ntzu1yxGh4ImDEMNjo5KbvUAiSnlW6qf2nV3K9_nIMVgm5CpeuGLkuclHZ2pc7cFchTbjaiXkKi-6lX3R9BEuxJLT0Cp03loynf2XZFidzDSquzcAR88suRoqjRq3_sQbskN0B2zB0dyXU0FmB133JQ6E6MhdY1IrcICAr_PhhcF1aJUMg3JSYz4_uVWzS27hMSjkehBMQI1p3XKaIY4jw&cid=CAQSOwAvHhf_q_3Fb95D-UT7tsfzhc8Wz2QZF6sf9P7p4B2JA0v3HOCafmidfcX2Y_-5GW6-Lv5CMAaT9bi3GAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvGhRAGAF14jS6Yec6IU04n8ybcE6WePxh6j39i5KJb_HBn344K7UkvDTIN6ESHTDAGbKDxeHNFmDIq4VssEb6tyyDGt5wriP3SnlcDA5HtpDuUNLw9oovtumgdFv2hH6jTPNN631Fl2WjNtsOTGIUY2hCu1J4t159aBvzTcSc6fM7CyA-ntgMo4ik5Te_xYIH1jxFrC-V1zIOyVvSZfCLhazHzvTmHvc3sk_GEvwv4zMkutO1yZ4aZKLjSum7mwl5vFR_SB_jcWC0doSydgOdOcs0APEG4pz26QoZvXPfRRud1nC28zp5IxVF7osEWSyGjFVCzqLvmjS-HmEXshziTLnXUN4PhN-qKOSXJz3Fv2kcsjWSJR7uSULhGDOPZrKz0KJ2Bgm5cypWWddzV-YDuylgFaQ%26sai%3DAMfl-YQ4qFNoSgPQptpI12dwlV1-V3RrDG5QMbXkKMHBFzDVqHgK4X6dKOWLzbr1HWdHia9hYYpy2YjFm86bnxiSWq_q10AfjJ9O5ZW33a_cDuWOBCB8aHA_im67SLm6kg%26sig%3DCg0ArKJSzL16vjB1LY8fEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=7926059378081780000&adk=943508964&idt=530&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 14:54:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 14:54:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 99AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVyIoPLw4sgB9Nlih0J-rI6F4R1h27nVRlyk3Bb_czcS5d0-YK-A0EZZ24zOIxseMSRmYWXd81zWxIsfVLe36H4KH66aakCwDJaStPRd_YZsWTGIooveKfTCBnJ6orJ59xmghdfzrIcKWzxNsCVVF_NtGA0DXVBN8ypktYl-GMG5CiXjf9xq-rG-qyyyitbFOYI8qdiHCVDCjQlCHcTI0nWo-H93NvbWA4RX1AL4UhS2AhoHmoVT0nE4BDSXJfwFMEmxY2Qm2EmTYzQ2w7ySalTXmUnaT-7iHc9zHIwjzVpN7ZlrwAAIpSbE_pjnEMtQ2eeFHkSqt0HPXwkP5sRabff8TloCR-Qm660traKl4aDfLHHVwFKqTYYmmgx24GJouDRhrOjZC8tY00XIhY9K4BvH2UNp9SVNj_9FcdCov9XOUzEilzkujf-QSHx32aEF1JblpFEvj7adZ_-U-Hsjc5E4ljPngY3igO2JaU6JDCiQMy5_HJSCrl-Kvmb_Lhtlg94cmZv45vllt5VUzWF8iVMKVHUuWOFdUfbtEbB8l0tgOUwl1aqdH54GgLGhXDyW6-miOo4y-4GYAG0_kaFojQVBZBVC0eBlc8e0g-uLE2_Xk1529nFHgn04frRuMB3Rj0q-p33L5eoiS21UW8y2wEE7Xji1vR3Fk5tNOsxHo-nL0wyFhyaN6AxrbTEgUVV1m8rNP6nW4a_AAOmbql-9Udelr0-6dv2p7_cYBT6nkPdlcklOHJSkcjbakFuU8LRiwdvX1gIcBuZfYD8VWLLhvYv7F1jTdutTNu3L8K2riLoyBR3ArecbOtEx7ylRcFNyLFKYlMYYiv1ldWlfhLCx9PaDz1beMMTzp47jj0iGpyK-XAA07iHesIYTrZXLHqZnL6nIAjU-iZv7s0bz5DVfJ-i_58zEUBOGYXlxHN1G3iCue9-bwpfo1zo8hiId-y-bKUXeZ5U3jnJUscgEizpm8TOophjVezokmrO6E7fqrbDAJqkuCLXzjT8uftq_f55T__JbIwIFoaZXnApIW7Ljoqrh8OHwpNHvob7t4ZZ_icGrwO4qDhDQfryYvqNoQIpr6LGXusTbUiO8Wrg7U8Lgjx908IZ5hxAB-Il_31F5kGzM4pBhouIEXm0r6hQV9UXaqzTfDU9M2AQUpjS0buLzszY0qYQUrKZndgVpUxvKgxXzMpYFqhBjfGZw8zEJ9CATioTc4cQuK6tce4ReHpZFK3_jF87J3fgGVOs2Gi95z_UcjDrEyEk4cUoUuqru_dwaTMb0PvrExZ2KdxlVxAzZNSHdD89a7iBU61pg95ISKibNZPz32r-bGH_SdGciNtGsNSkrPG3hG1xCsBxtfPajixMBhERttLr9GH0lCWlRkH-pHyjSloeeten-McIxVZBaYgteCelm0eqFzP_aI9ykMv4a7UFVd4SB-E_cE-wGuw3entLKkGuqHpPOfMkDfprd1os4ibm8U_k0x4hPafsQICR5c2fIj7fO3SCk1cBy1UOwUrA15dg0YDEzyv96Ionfmr2AEouEqlX4X4iPtsezBAxLOIyC3mbinfpW_1_-X1emyznBbmecWsdoFZedsJ3PVdLQHmS-YaoZDU32ObnsOow-XW1VWBXej-pBLpaTWvcv1igvkqNKJT3hla1DgAZh6ZIo7siPZJ3o6tXa95gugNbXJ1315ZjE2Y-KRgkI2vwOXNJk4T9Qp101pr1Moq7r2xGX7AJVxnCdHd7WigIpXQw7mcP81eSJ6mDkvthU-6_2QlrZcTgIBrWZBIJLcn-EsJvocW55l-NhLC7aeA24Gvn3-DdQ&sai=AMfl-YSOmxjzP5W0zJyhDwjTJfU0lZ1SvehH0U-v9e3qyPZCvQ1MY8jb9wm1tOKPORRbRua1IMtm0OTvSS98qJlytpntcgAVnTxss4PUnqnwY61R1fDfJgGDMxN5uw3RVeshehnIcSgUVzQ7RxLLIybx63vT8G73t1yNmqwpMYJyeZecv1NaA2Ru1oyCE9LI-admKnTvGIXR2taSLJPrzEq4G5RH8R9ZenEhEO9twopLos47oJn5pIvgFjPSkJFQaUwj-mNUo7Lk3InYto1HhqYHRhEESU_bLw6--7syRAKlXOsa2ZOqQXu3J6C774-5y_drDnGlo0APkLgD5m91sIc8RfsxwWhER6B9RNpgB99L8dc7HCI_uFT7IDJfxRRMBX_Ch94SG30y2eWH5MTMOt-daROHVBESJKrW7zg8Ew&sig=Cg0ArKJSzIdL2qoTZBeDEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20231207.49114&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AABUTV61tl832iqjEady9Ad7ierNeTymc6eb6XAGLB3M9rN4_hi9TXPCOE6S60JJigR6EnW57qD18uwlEdla1LRn6jLl9Q4YZA9eVh4Ad_nGjC5jy9xf5j0m7BKrRjvXOmcA93RwreSpFFlo3ECzE_1dJk6bPI4TP-o-dOaq93T4WH8Ok&dbm_d=AKAmf-B2zd93pIR1f9nLGEdxrJcaWmg4SJQcC1ZrivPeMBbpkjbeZoYH07V8nXpV5GeMYPAEUXakGEt6V_rzg8jKOrLu1cXPzoxQClNy6teu3h2IPHqddY6VeHVTfFS2jTBs89QU4aFwdVVT4XLSHt2UdIbFQwzGlhGCmppLWWg_KnspnBQ7jb08Bx9cwpMMHRJ4G9vzVR6N0aTc4VaoJ-_hfl_T5YZJGzocwYS8Ca-Qbl0qxCDJ9ve-IQgMoPGj3Mrt0uKcOEl8n-B3UxNcYPsnzGqE7udnl_xRwIIUQgMAbKYcH918BsGYlaLmb7UwfCY5Nv8LejR3OjHXKxaAopPvaanXCptF1gZKKXHprs059GcwHTLEfns_bMdOrAeHFwR_WkR3v7sjthlSIFmUf_EFTapRPZLfJ3C64YJe298_Oh2w8kV39x-6YUVNAQ642qwg_GH-yKyaNm12IetOvfWLquW5Bt3D1iAPa72tm5L5c2r5Uoq7vGPh3DkgcqS_C24xe1sNTQK5iccHQcaYdfaMkYEfEpYlcLdqsd10RcRK9mtQ4jUHKpIlUcRqE-Pnd3LeyAdBpzNSaVAn25zGmbZCY2-6r7XmEUzKuJpvb3LGL3J9lDyVp29Ww1IvLSW8YJH6ZTARIuXVy9l8exgI44FyjscJjyYlp0xWnYKEBBeFmUbsskSPri9GgVefSOoiu7jFu8aT_RBhFwYQWCrhGRHrEn2rY0ye02MCvTtzK7Wr5AXhi3J3JneyZyRHxKDGpsTyClN1DL9llLYj8p7Wkld-S_1YcLilxwarx69AVpBmZ1ETWyvaapxAkZDRuOfclsj6T-kjGWoIQ-CPz-vV3NfWQ8XVExqALxr6rb5FQWcI1tGnDPjQP2nRPwXTXqh2-4hVteVmM8iubCbwTjx38WNxzLDq7Xy54rlvUh9SpoNoSLR2QDYkR3VNeR1440dRvZxguhx7X9c33N55sfBh8llidSjbIVZFVz-kFaGwSpJF2VNjEij9c6H2hRWhOZrXpIk8QhtTHOp4rlPNnj8wKiNIbNE9dEI6Nl3wvNsvDKm8byDnMYLfp24MPaUMBbNUuSQRtSSKykZ65xpNSFWcPX-_8U-JAhVJEvIrAvHhrQPaxw7_p2qpNCwnKASLoepexgWqLwFZFdJp0Ry3qDE47QSc967yj3eSJE_bsrNdKGpuJgIjpVBgaBYITE76dptFPIXxjQgrx6AiNv9P9H_KtfRJ6jv3zn03hSj1tDHhhhf5IVSB_XQ4PwcNU0yPD4JC7LzNRuoqyOOgSPOHDpRi4xNK8OcOBbCxMVx1Ooo-4FkWhFh59FSyntBnnx0u1NA0GBOWcjsYU5nYcY9GqKcvHUMjJn4bK5uqzUCczZXuy_mOSEt7TNARpa0lnpRT4v0YxIhUTY00k9fhsb1B3Brecp_PqSIoVbzKeMSbCd4DeHeSImwnXlCOa6zIbl8gcwvyS3UWU9uoFbwQJ3WYA6vBlR6BBiJ05fNopMEnxOfPfsGxX2zKZ0be2hDYo8Pso14wHkIlqppKQRJgEKNr8ePffGNopTvyUQ2mCtML5aq3UwklyRunhK9szHClNRMMrYLNjpgXyiml5pH78A1xtF_T2UvKIxysX19bXnJ2hB0_96oj7o_DmnhqbYSrGwqy7bUlq3uaRu5W4q2GtZsb1sCkQtI957xbpAMZTHdB0PTKM_N1isABlqJ6rxQiMsJRC_vItVJK0Ol4BzgmrYv9vc8eMp6jNKgwMg_zI5btdEsvsmHrQ0psigpmjQM6LoB3k4irIAwhLHlarc8b08VBWCFsu0kbpKtGgM-_bcqPwo9EJDF6FCFwq82jnvP7Ypevx4G9NyAr1wfV-Tn7GQOJ74ZSgmErynUfs9b8O8VWDx9BTdN0Wxw0cylMvg-JFRObSAf96O9TaeovdSr9MTYAVSXI3HNL4sWNm0_2lYd_0fL3w_9njNuDA3aRWc1oNZXh9GZdS0BeYTQX_5WzxFL6dS4uESg1yTQ11y1Ikl_UQM-BtA4I-CJoO8GvQPZ4MGuZfMakOpIldz21vwEamluPceC4qbeKRIv60d8kWtXp1bKXBh2tPWNmzybNAw5zuogE5kGaDJbNy-FDERDPGwkS4fqv5HgXG-NObhew2N5aATLUbGVDZ7EjZOxPC7BFAO1QLzI-vo1SaMH8CnWeDxlcjrt_xZu3zwoDywMPZx80ULrDMCQ4V2fyo9Euzmqd6qM2dyUhgQpIfM5TsdAQIBNY5BTF5iqur--kT430aDkxExO0GV4tzrSddqCjIbLoehi4zLezN-btJsyGXwQ2TxnlrOY_nfYGKYhtGfXTG5_ZHZ7Zd8YzipFMU0u5rDPPC3uR0SxYELubD1sMceVBi5oR_6ITGpMBy1Uu6VhxCA3tKmy-4wjWl10Rt-ewamGIXu7ZNeea5cVDwRYRrAaIwZjtqhwExNLo_Ip-CgcFhr9wYDmd61sTuWO_eDj7Gw6fjCp-LBYf-U_J1JAKIVjhLIogF7wxUpiOM3_SbzsC6ozQA7vmIQSxv45OoxB7mExlgUG6CF0h1XIa0IkW0OqEM8OdEYD8tzNnbG92CqIGmniwrGNT39121j23bDYurismvymFjbziVORf4xvw5vJU8VZHkyfZll8MPFF3iiSjaRmqkb8X05YovCYEKQlAU3l9oj-UwvOnXSg6e9rAHBEK-euuF6DFlh0MQx190kdEkNuQ2zXLiLn82fZY9RGGYsuiIxUSFAG6zvv2z5mnuzMrfHfb28SX22QXbCiTr29cfJxUWfNo54XroovnJoKHm2vsksHNGrEj9jvqpMhqyINrrjlo02lSQ7cM0sV_xoUS85hFTb1H7yHwJM7yITVrRETSZOytxbgiCl0r7f5FY1i_KL8H7HNnimv7atFjkOecwsQm5RCIjNsuIQawOyDSTlPODU4CCV_7Drr81pjmhDnjLMoqaQ_EP1JJyOssNNooLIZCKbXKQak__NyfzmWvb3AcZ-XDpI_9iY-WyzPde5_zW-MvLyC2NcZngfJYl6zz2EEwsB-HfIdADVYAhNnm4768hvMX2n6Rg7uo0ZebknbPE_s4ZS8kSIB38hiqBIc_62Q4f7GLuMK6JPJ3YQr_YerKpqvXq4-jyeuGRjqfD4lkfFDJ-rpfic8S33-aV1jvXAYctqz3xlnJlyylf6x5AwxfSbXwQn4HDfpMvkAZwYJ3n4Y0WnjbBtkBykI7uTjSfHAiVLyAPYr1awv8Z6NZuRzKY8DQdWHuHmGYChY3bE_XMmDbtllfrqwhd1vBhl_JQFl49v6IlqU_j4UB55teyZns547Z6RkAX8ZqhO9imXk9UaheizFzS2R9K04rBLPsqIgWtTfBkO9Q2grsELyLL6fsc1QNtF1SbsHsNGcZXylMAUI__FrthIzyHgj4aqHZ_7Dfq2oA_rcqmKN81WmGZNR4N9cZrhOtMihRBO5Nuawbf4IbwaRDShV_EilRPocaLczKlOVTG53AJHaeY367aQCAcWj-tz57Hx6ZathwlL5jTXGoH_zNgEkWNJXrYli3kUaqqCXiPaFMf03Ga_CTiXVbS0Ti0V7J4OL5eLG29kUo_ZcwGcXwbyOC-KmYk2E9ja0BvPZBlqdbEWd69kntJrzLNGzuYvN_Qo3Z5ma2OttDxY-3UfFetCsMh3Rm1iqn1c42HkzDYaPGFFOuK46Nic2b192XWgpmYV3adicGHoy0cJxs5OcV7dlj-bm3B-zpuSjM7yIcjqVVjd6R002D2CQbLAB-BH8Qr4ZR2lYaYGEGbi8y3k4D-FMCabEoQkcIiqKZb1Kwb3vUk06KKXcpagAJ3F76lmrgk2gblx976cQbRwWfzzk_Vxws59b6d-uBNHT809ILOJCRpY8Ih8jf57BShPnvcI_CGEI3MLDjBB_BfypYCYb0-M-l25QA3VshsPNANRbTJuTSlTTwWkWAllzWsrU_tWMia_xamMlnuZrgWzF6xVLnBsKg-x7wx0aboEHewKPV-ztTv84ZQ3IWtbyMg7omj4C14rPN8R6xxMLQ9YHkomEDwbDonCM7Io6ZAOCyy6tg07hBzY1qmnfDmzM-vsiydjGsEGg0wRPZ9d5JZ0GskH1dLEuo1xMhVLoAzK7SxRDQWqU7Fq8Tpp1VVsx9bGUJ8AU-OqSZ728McvDL9iASx7xLt1IYy66yfBqwzZaD-3L3iIaqZNIzRbM-0dHvyV85ZwcQjwy5gr9JpfS34wAk1R67Pb9M71mU3JdEfWF4YEFKbPzJK6OAotmMWo_ZNsNis4tg8W3J2sIqtBLHTUZg47oeUI9l7ZwSBuexf6kWGWujqHWyvpy8S7tk88mCsyzDeVhKWbD8HbB6Ru_s3g_QnoyTyfReGnUQEd1L7rBIZK5YGNC2F4C4tnNF1tCIa5euT4M_s8joAnVIhp5boSotYRtVDT_P6EUSRs_PmQrRxJQCn0FEhbdx6ihM6MjUGQLGTk5Da4q4wfgAUZrxa3b4UDc80kFJrxe9RXk0yh6c_8fS_tKjMybEtpUCtmrHTBn3Aee7HD58r2hnqLBJpjeuUacUVjnPVc70QsKcUt_siVxjugGc5FWs5R6MNii_V2gjqonccjvP98Bq_s0cuE3yJIaTmcinU2KlNiYWyc9EpTgq1AkztQISXfS4JsjVYnKT4g16b10PjbNzhhZ9-ksazjZ_rEgZx42uxd2H6ZGApkf1sa2SHa5tG0ePccJp90CB7cErXgO58Pku-YisVi4DJSfifQUtrBEGj8Z4FzSIO-EczvX3WL074O6GFY2aMBjKze9Rs1OtdBI7WxYXnQ2MgAqXrKDZNOkB1_Fw9otEHF3s4btMO_FhG508xqrSnpH6usTqIqX5Pc78fmXhXykEg0eYdNZhHePrj3VK0Kxhdy_1MBkeKG_KZpIZJQLnLte0ocIbSz8Ue36X9EYlAyd25zceycckwwiPgX1I8rfAOYMoNGUNjC_gDtM9-hM2aINajfT4MfdtBjrN8Yx2jLWORdqsyJA3qxyjf7KuGRaM50Z9v0lxMVXx0hCU0hnfmChogfUFNKA2MpLzVrtKDpvrTVRnTvDJBA646LUSEbVA2DgDfJyCtqxVFa09x18P-iv3ingfD-1B_nDlBzWoaxM44Mp85PjZs31MwFwMMaZMECsV492FW1sOU5bbN_R_KoBYYr8RAfZdtHdE1le0Ntzu1yxGh4ImDEMNjo5KbvUAiSnlW6qf2nV3K9_nIMVgm5CpeuGLkuclHZ2pc7cFchTbjaiXkKi-6lX3R9BEuxJLT0Cp03loynf2XZFidzDSquzcAR88suRoqjRq3_sQbskN0B2zB0dyXU0FmB133JQ6E6MhdY1IrcICAr_PhhcF1aJUMg3JSYz4_uVWzS27hMSjkehBMQI1p3XKaIY4jw&cid=CAQSOwAvHhf_q_3Fb95D-UT7tsfzhc8Wz2QZF6sf9P7p4B2JA0v3HOCafmidfcX2Y_-5GW6-Lv5CMAaT9bi3GAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvGhRAGAF14jS6Yec6IU04n8ybcE6WePxh6j39i5KJb_HBn344K7UkvDTIN6ESHTDAGbKDxeHNFmDIq4VssEb6tyyDGt5wriP3SnlcDA5HtpDuUNLw9oovtumgdFv2hH6jTPNN631Fl2WjNtsOTGIUY2hCu1J4t159aBvzTcSc6fM7CyA-ntgMo4ik5Te_xYIH1jxFrC-V1zIOyVvSZfCLhazHzvTmHvc3sk_GEvwv4zMkutO1yZ4aZKLjSum7mwl5vFR_SB_jcWC0doSydgOdOcs0APEG4pz26QoZvXPfRRud1nC28zp5IxVF7osEWSyGjFVCzqLvmjS-HmEXshziTLnXUN4PhN-qKOSXJz3Fv2kcsjWSJR7uSULhGDOPZrKz0KJ2Bgm5cypWWddzV-YDuylgFaQ%26sai%3DAMfl-YQ4qFNoSgPQptpI12dwlV1-V3RrDG5QMbXkKMHBFzDVqHgK4X6dKOWLzbr1HWdHia9hYYpy2YjFm86bnxiSWq_q10AfjJ9O5ZW33a_cDuWOBCB8aHA_im67SLm6kg%26sig%3DCg0ArKJSzL16vjB1LY8fEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=7926059378081780000&adk=943508964&idt=530&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 00C1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
17160
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 16:25:01 GMT
etag
48472445140208031
expires
Sun, 24 Dec 2023 16:25:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 99AA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1817faa4ce970433b1cc62ed31a3c7d3cbfece45ba9795550d10486ad481a0a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 99AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKzeGqLTJ_qmXTLNfwiqZRoE5gawnD-5v2z_ycm9acEEECQhKzF5hjtfcp7jUd5IKIc-fx67fjVsmb8DlHy71VjEfhgY96kOPcl2VWuVfSaWGpjAiQRQfTwj_OqqwyyDCwFBN1h9UVx7NhbogWysZrGUmeE5v5yFv26Zj2dOMR_17V7-tOhK2w5f4rh0p2jibcuBscdfBs76-box75fpjbF-90CVHNki8y9ayMi6GpGHvjQhMC92IR0wSj0F4Aq3SRd2StVmjL2gDr2blJJ7HAU4TPi2S3ilbWyMzN_sVqddGI_SH4FKkECKAboEs-THpQW6n52kx-WEJTwTt8CCErD8nqBPEgVrMeYo5gKVANA93tGXqMutI-fZdPbSXxdCuyaJa900CZOJ8zeQn4c6nqyrdnJIGn_jfb&sai=AMfl-YRTIwMOaF1nUo4GOeYvZkhabV-qtUHYB0gU0xqeAVXc8v6Fzxkzc7gAv9gO2bIqSFkbNVbv74KaeLeuCoqeKkjpyR00xsP4bcIbFB72G1WkLrvHHbmYoFTJ_Ap0wQ&sig=Cg0ArKJSzEQvVh-UmEc2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Dec 2023 21:11:01 GMT
i.match
s.tribalfusion.com/z/ Frame 70CC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEC84G949iB702vMNMsOjJMU&google_cver=1&google_push=AXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hxg&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC84G949iB702vMNMsOjJMU&google_cver=1&google_push=AXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hx...
43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC84G949iB702vMNMsOjJMU&google_cver=1&google_push=AXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hxg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hxg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83a3983d1ce04bcc-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
161
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC84G949iB702vMNMsOjJMU&google_cver=1&google_push=AXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hxg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrlH92mCdpg5rVdcrQE4iFmSTn2_iWf9VfZr1_7gUdZ2QiqhpK26IHSoPG6dpdJzz2BR7KfJZ-vscVzA3KACxpswwl5Hxg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83a3983c7cb24bcc-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 70CC
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENtw3scTEnaF0rqfVCE_s2U&google_cver=1&google_push=AXcoOmQ08FfEIKvq_flKNKCiQTGCkHLNzGqiGRLrnixX136g2IfUChGJeqkEpu8VMVjsQ9zj08rEolmFBw0NGceIvHCkrkmKnugq
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=868538562852&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=868538562852&us_privacy=1---
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=868538562852&us_privacy=1---
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 70CC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHjjU3J_YKjQSjAL5QSU8RU&google_cver=1&google_push=AXcoOmQSZe0Wg2DApWFmrTNn8Ei4etGJCZEe7tNkaVUeHLyxa2CidhLUeAxQvqxgmwt8LdM7Vo9RDHRdoMrXe...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEHjjU3J_YKjQSjAL5QSU8RU&google_push=AXcoOmQSZe0Wg2DApWFmrTNn8Ei4etGJCZEe7tNkaVUeHLyxa2CidhLUeAxQvqxgmwt8LdM7Vo9RDHRdoMrXe...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQSZe0Wg2DApWFmrTNn8Ei4etGJCZEe7tNkaVUeHLyxa2CidhLUeAxQvqxgmwt8LdM7Vo9RDHRdoMrXe3K6eox1LgNE91UY&google_hm=aE5lMUR3UG9lakdUMTR5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQSZe0Wg2DApWFmrTNn8Ei4etGJCZEe7tNkaVUeHLyxa2CidhLUeAxQvqxgmwt8LdM7Vo9RDHRdoMrXe3K6eox1LgNE91UY&google_hm=aE5lMUR3UG9lakdUMTR5eGZXaWc=
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:01 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQSZe0Wg2DApWFmrTNn8Ei4etGJCZEe7tNkaVUeHLyxa2CidhLUeAxQvqxgmwt8LdM7Vo9RDHRdoMrXe3K6eox1LgNE91UY&google_hm=aE5lMUR3UG9lakdUMTR5eGZXaWc=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 70CC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGVvxhf6Ty_a4qVCEjUxQOA&google_cver=1&google_push=AXcoOmT1m9knFa-UDi7ztktymiGk-QVKzKy8ogVWiVS0zuttV2MvKwYn0KW2uk3H43uxO8Om133phFQf-ZVLGTI...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&google_push=AXcoOmT1m9knFa-UDi7ztktymiGk-QVKzKy8ogVWiVS0zuttV2MvKwYn0KW2uk3H43uxO8Om133phFQf-ZVLGT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&google_push=AXcoOmT1m9knFa-UDi7ztktymiGk-QVKzKy8ogVWiVS0zuttV2MvKwYn0KW2uk3H43uxO8Om133phFQf-ZVLGTIbeYnPBpfRt1k
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&google_push=AXcoOmT1m9knFa-UDi7ztktymiGk-QVKzKy8ogVWiVS0zuttV2MvKwYn0KW2uk3H43uxO8Om133phFQf-ZVLGTIbeYnPBpfRt1k
Date
Sat, 23 Dec 2023 21:11:01 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 70CC
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT-djdg0a-HQcB3Iz-P4fTgcuUAEcuBiqvX3aaiNdN8PWNj6Uu5TkOo6GG__1uLm7lPeZaw7JFSul...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT-djdg0a-HQcB3Iz-P4fTgcuUAEcuBiqvX3aaiNdN8PWNj6Uu5TkOo6GG__1uLm7lPeZaw7JFSulkidmXi1LiN95ZCs7c&google_hm=87e35591-8df3-4747-abf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT-djdg0a-HQcB3Iz-P4fTgcuUAEcuBiqvX3aaiNdN8PWNj6Uu5TkOo6GG__1uLm7lPeZaw7JFSulkidmXi1LiN95ZCs7c&google_hm=87e35591-8df3-4747-abf4-1581f1cca478
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT-djdg0a-HQcB3Iz-P4fTgcuUAEcuBiqvX3aaiNdN8PWNj6Uu5TkOo6GG__1uLm7lPeZaw7JFSulkidmXi1LiN95ZCs7c&google_hm=87e35591-8df3-4747-abf4-1581f1cca478
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 70CC
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEMpbItYbF5oZu2jusAjkq40&google_cver=1&google_push=AXcoOmTU2YhBXr69lqIkXvZ81ZJfzJVXFzCQBfpEo1MnLpdVCJRCUqCjEOiLxMAaoDF_ZBRWM7ku9covXBV96Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmTU2YhBXr69lqIkXvZ81ZJfzJVXFzCQBfpEo1MnLpdVCJRCUqCjEOiLxMAaoDF_ZBRWM7ku9covXBV96ZotbMYyHvaNsKI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmTU2YhBXr69lqIkXvZ81ZJfzJVXFzCQBfpEo1MnLpdVCJRCUqCjEOiLxMAaoDF_ZBRWM7ku9covXBV96ZotbMYyHvaNsKI
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmTU2YhBXr69lqIkXvZ81ZJfzJVXFzCQBfpEo1MnLpdVCJRCUqCjEOiLxMAaoDF_ZBRWM7ku9covXBV96ZotbMYyHvaNsKI
date
Sat, 23 Dec 2023 21:11:01 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame 70CC
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEH-rg_zIoaHQyRo32_V3AbY&google_cver=1&google_push=AXcoOmR0nNFvhESFKHEg2nAAd6l-GFTDwTR4fCgXORRJlGlMvIfuhIIm0nBqteTjxac8t880TCOh1AxtIv8EVTHz2wclo...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR0nNFvhESFKHEg2nAAd6l-GFTDwTR4fCgXORRJlGlMvIfuhIIm0nBqteTjxac8t880TCOh1AxtIv8EVTHz2wclo6NYO8J4&google_hm=f5ef61caad3321...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR0nNFvhESFKHEg2nAAd6l-GFTDwTR4fCgXORRJlGlMvIfuhIIm0nBqteTjxac8t880TCOh1AxtIv8EVTHz2wclo6NYO8J4&google_hm=f5ef61caad3321292qdpuk00lqik1ypn
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 21:11:01 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR0nNFvhESFKHEg2nAAd6l-GFTDwTR4fCgXORRJlGlMvIfuhIIm0nBqteTjxac8t880TCOh1AxtIv8EVTHz2wclo6NYO8J4&google_hm=f5ef61caad3321292qdpuk00lqik1ypn
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
attr
cm.g.doubleclick.net/pixel/ Frame 70CC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3QTwoQb5arSHWRDW6nwVr2Oc26jYhmV4RHhFIRhG4O9FKXdB92_4dvGim6njOzcAJmsDjOw
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 4858 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyfkDFUtdhR4TRFzaXmKgxz4zBs2lVci-bOPBLm505k4RaRX9InUbIFctwe23RZ2-qBzgp9wRIJFswoTuw4Cg6lTaZcIGj6bSUMD8a-QeNRB0VIXj-TOnNJI3BGb2ifKxd8MYM0WKc9JoTWQRX8pS2Rn_jpD09KDd3tDWwuKIw-LDCHX1vAvcLX7Yohl97vCthngEU0jT_4Uafpa15KU0CQne76mUlFxFU6xoyu4GJk5dW16ZtDiCQRBVpYh7S4i3Subr7kokfImKRIV1JoO5XZCzK-b2UH6oVEaSNf1etG_bU_7X3QHVMGSms4a0QVoCzdc4IfKfE9r9sDtLrVpOlnzfZ2bOHn_0WgnEYA39AbUGQqwTB8FqX3xAG6Hk-jL5Nl4rOc5N9U9KFy5dkEli-nf4uUGFKNTv8ZxOWtVQ-tQ8mzSmnu-3EOn4GdyJYeovR0M9dqBNSsGynil9RPocPIYtQXju_ygvTWIeJSo9By5-ZYwDjfLyiDM_6x-7axPDkpeSnX59TWFQMncWTS1xQ1gyOauqlvhoWR5VD0FFHL2SMOMSRoiTHCEpticgtbq9iJyPxMs7Oi3B4T93BfoddD4mKvMArPJjUSWG7sYuOtCahWUFn4_ZPySaMQouyuAOncvP_TzUN0pQx49vTz3lj_SPxZAs8i0lc8DcydEqPNJWPT83vVEBtNu8Q2LbHiPoeSvPiyEqdQiSZToG2gMcyYbvNCIYUdx0GScJwmaR05ziHaooAhfQjQtLmIRnvhTtLX97qPA9Ct5CKXBRK-cF6sTn3mCIHnGMnGKIR09nrZRomnlARaQ8ZR7gc1TTBSxEtIxTCYF-27EktN99X4afqCEg1sadaGtH63lUHyGdwTLsZv652-7-LaVQ63j754nsFW8ni7jQvZyrj6ao3gvo10CRGrDBrWrelOdFFXI2JSnt3EukMrM1d16WqBCyDw1ekkOCDoiQO3eTYOHDpIdWcyvTfKLYxeh70hWSY_EUaR9LC6L2cuuj4j9GnZgDERCPLME3d7sV66bVInpgkvkxkj59-Rx08XPc7lyXaoaCnN0j9eNBAzhHLjGTJL-T6mngtBDXOBWieA1rJP5Fp9vxgbMT3c0VbDi1H2N9hA1VHH7OUjo10JZFPNLjfDiCtNERcmnDELBjz5CkEKHB_JaX_Lzpku3n3mhNZ7I9x6WvdQE-y-S88xXAon4TpVxckQlbx1nbajWsmqs4pWwQQ7KY9MkbXVfOSXGpHaCaf0WRqN-suxEU8YDB49D2AIfsrf0Z-nHqMQs2sauN93qYhZMJUEZ6xjjbGu9bndnIU75vTflhoMCIesjSNYRHevTv6RL25UwzOsBRxpBFEGg53_ZY6iq795b8kG6ISqgRFjt1yJwUXVTQJRI9-tkg5eq06TvJXIgt1yQgbu9XnPfXtxGFWrESJppHWqHrXwpF76AUS48dEunsc307eKLoQVs3LTxNRBXsGhUj_AwpaG_9EeC9ooaH_e5AvLKGnOpc1klijgSMvanryfOPUtApcbnAo9PsgpACG3DM0Y-tYfZCx11IWoYwy3voGvkkztshBP5BKN3hXedAXLsXEy8WKQpOapfHZvWFPbnAXJcvzhRHr0Icga7gSa1k-3Wqy5L2kML4w4zmDM3IVbL7kHBgjIxD6LA3Y73xAMa9nBqFK2EtfTdBFQi-EV9w-IdBgfbPS2O21wTqwP1uHKyPtnReLH2ucSDVmIOhPMT8dSUHlpHk59ansAG_2AjbQ6F-vWee1D5pkMGMeDIPvyJxjBA4VPnXdOjiVfW7cDSC2QfrR7Umn2iuULo71&sai=AMfl-YRMayKaRu6O5KoGLDeRJAePLmYj_aSsToJrYKkQ05Gp-bTjEoFmmJ1BWjhepxvnCJiT-wCHjYvWKlz4GPCVns9skW9Va9Sr04lhvQcTXaNV22-xy4XzEuiEKjqkCyjf3EXR3ApA75Qy2zpESvZZyMyYk074B3MZeHELQVo-yalAR5o9QkpvPtWQyMLtNrQtQG5Arfez5RsWzjNeEIdQyG2IaJvQarfZJGucrP0teaCE5GhMaWxeio-cqRxJShxGg3tma5HCZkSVvj5R9YD3JrOjq4fUdmnVLYZh7jOJRGULZitXEXSJRv-NHuua-14Ao6-U3Zoe9357waCrn64g7ckF6gz2auZpuboL7n5IsqedJcvwaj2gfOIV3RZS-mQn9XWTzP2LRspIQv6c05cABpBUb6cBoohwOe1CUQ&sig=Cg0ArKJSzETgTVgaqZj6EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=115&vt=11&dtpt=114&dett=4&cstd=0&cisv=r20231207.03631&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DW_8YoVOu6tFs9dLDSUjFU60haeZ4eijnlLMLKIFqhQCl4dilKfzt3SF61HmMUsr5EJizyzPP3vN4Z6ZVKSC6L1GgN6JjVPDuT5stqtqqTOE7VJvgsZ3bVWLbxFxbpbuVvPK4TUD9e8BxD1hps0U8ZVYYDQNvcgi8pdm9jzLbbnf6-xFc&dbm_d=AKAmf-BZPmqt05w-5F3eBRecT9rpDF0WNJEda_ihRoRNpJbt9geGC5Rpgl3m3WJbGBAjdqur_wOvP1G5PHIi1HKzBbPsOnHMLXzWvitiTbIk2Kxg5cdfYwzhV3b0YJjLsYinarHI3WcuygJdxdIRsk6BYxiTFYR0UsBOB1vE9gW2LyconJfq2A6tPq5MQzD-aVPKlK1tQzmoBFkKvk5_36lAYhoMQ_yrDvfpIwIf6tbaYp2098AaJRaUdvzfS1t-4TzlAApM0fOUZqnOo_sDLnJa-uQBrZziBYb0THIg_uCUtSO7xq6acC1JP_LPC7D0Qb3t2g6NuPodWem4i4x1xRZbRGJH-qRjWY1D0dP3CfB5WwVNSHGUnIQC-x1DGOU1_pbFUIy73K9c1lVQVENAC95dgF7vofRDQ__CpENvtZe06dTr65WZTnH425gI7mb6UVPtyIUxAAzIEnjhU45j6B55nsHyfcHeoAH36fkv0cbYh1IIEY_xUUdL1zRsU51NA5c1B7hCPGwyHDOGIApqgzBSMACDUAdWUmqDePx0P9Pnslzhgh1iUPQeTfUkRxQLgqRKjL-S63wbzVQdXdcFsrRdv9U_A8yp94guV5YFEyJ9IEUtmOh1fdXhp4mzDCiPU7zeLy2wjFeE2thUe2nH0PNvpx_eVwAUK4YdKc8TIYZNftY9zemz-OlQlCw2ljia7o7AaJ_ok8nJuZqMefjoIMnrHnBX7LSZ6HQ7x0TxvplAeLV5ZIeYRRGD6yXNusRrj6Bt-BaTevFjUfY_vjjzKQQ1XZpszY_LHSL-iBuu8e8XnN5tt3bULY-FlcNJn3stpISRiPdSCPHHYZgo2aeca-AuB031VCazI1eKFWE5IjoXjL-IhYQhw2usiPGRHaiYaQwfZC1wc_hBiuF9NKcRM3-e6k-eHnewZjq-dPsAhW_OAYlVXKQ1yaMvQs9ac8kYgY1bGlSKYcDLLwvYdeGUDIwIBoxxuYkp8cTe6---2cSopCBv9zQVhYHH6tfVGL1Bt-8JFsEZRHuJg9xuTYlshfOL4cd6zJo6qFEakgkJhPk75cluJksRG4ClseT6Ls0I61aMEHVyS-uhoxiYvZlaBlRWZ9jlzbBrVIPCJUbgpp-PB8ljDpI4WLRihGC_YVIUnsK6xLgdSerjM2UCcgD_bBxZgaKxsqNDowtm_d1BjwLpbWBcXUimsc5B_43LYmhSaOEFEj3nwD0lWEbPJJYre67ofpHz3TwERgRUjfsp_24i9C8J0H-yAF3Kwv633_dvU1Trq2Ty8KVZb4q2Tb8f01KJ5ieOx3v_dTUunSLy72hTeseF46KxuQtNlSGtRiGax7C32_WVLzPuVRyVI7cNNP_g4354hVSIKE1qiLgKWfRkeDZJ3TPjsN44Tk4bGJqg8CBLQs9fBPD1zIsmvm9YJpMIKZIkzPhqkpCNlxjhqusCHAXlhhz_Y5iujFEMzjXVnnq144aU5Z0tk3P_iiliRGhTZuUd3Dc-_qtspWmYxKEKYhO4doIqXwBQPLU9s-mFnw-5PXOJZOPx74YGtg8lMLyQlCm7gMJ65Nkbnlmt6ByHg2d5yN5ewvK-ThOhhlyUg-uWmhu1_w2RWPc5s2blaGawKfmQK-Lr1ZUh1s6q7n_yRT7giY5yBsdr9x_MsnjhV20t37Xwa9s9rxqcP-wAvDKgU-QwMkoQpPGSYGcqQMaXg6CXHhv_emdpQ9stCUi07CuIPMyQVP6NcO5-xYVnLpbnGQg3ap0X6AMUEztbVeLt8X6c8ywmNsIDfvkumG74ZrzftwPC5I8kPUoUNWblPsNmVHiEkoRenSa96S1cfYSP938zSiqmtY4jiJ2qe1AYw4D8s9aYEVU3VEPKjaHos80ZravUPGVVopuD-jgczTnhXnICk18RSUcFqPh27ybPUxzv4xGB7Dh794W-xL8pVE3ezJHGtEuAXVeVwSXO4ihocgNlRPJjT0kQMhXI3Vx6c6N0xskPThY0IIMdTd0PJcl0QqBHPaBT6XvU3PKmT_gWXqz3kcwf1sN7yLkuo_QwyxO8aWMZnZrWQNU7tl6kamEWM3JbZSjkWemNZjN7Cj12DEm4k_PGgimhzCRoGK6GrRfAxEJB58knGGsR9_H5nbpb2sU5chfAAJ_yE-xKkCwyCz0IO5D12PhDrM12mImfX8-vcvpe-zG-7qgJYxsH7sCKkGIe81SKoIhSo-iyxrVs1f6yb2wN_XUvOHdnWM8FMyabvrbH8hrozNxHBLx5WUxNrvJMJYLdWiDO59nzq7gaTyG44aQ8rRth10UaiSJREbRXvZ2VaHi8NnyylcI3V2HcKRHPhgQrk3S4q01fWH-Tev9OtWg3oiONv2v0U5wyaS0lCr8kr7VxST_79criQj1oVu0kAkWS7yVrh25WM3DUO0why9aFyMKIJVEhaSrqSLf8Pj0I4nTD-JgGcIA0wrH5iub2C3m92TNCCRH6NUXffXMcjaBa-4oWFqibVAFaHOzBJjDLYWXeBCYzlzBbVFHYatej1DpGZMmuP075SkYZFs97Fu8bAy2hrkGeUqVHfbMWbPr8acsUIvBgXI8laOFVRh2j1IGayLHhYplF3g4szdQfH5o11r5zJ17uUTIbbV1ezeoOXBmEzKW9jwxcSWRw6428cf1VKBY9iuHWNnm1CjtrteDxntEudtv1JUdIBuprbmyyHLXsbdtjEFub9pLjS-UZY1wooWZRHrwDD1a_YNLprnKXvKYvgpb2ZLm4VZs03FqnKsUQrbIjqZ-qx4Xm5zuF1l2AOXmRIuj4VzB35Cvo3uW3Ut8tdfo-iRzVO5wRkE00D_gfs7p4CAFb7d_6p-A_TXpVerM1l4wyKjqQh8kU34BUdLjCxnkNxgmpRasEr0X0-rkcNiAYzKP4XydC9ebzENFGwxZxVLwJju25NMky9BYiDnTygXB3RXZ7HBfbVGpMpmdSYSds-Yd6GozGgGscv4wTfsKPtQweg80qCl_hV1zeqr3jTlT9vEuHoMKiODqInMLGTX8kM2nvXuHbpgP8u_YEH9RSwR-2Rh3gvlOK40ku-aeFLWasGrDXxk6_7BcutTfX5hwK873ycq3l9ZOXvbXKdQ4ZU9izs1wLaUAlgbguEfi9gn78VyzRnNvLHqijpc6_zXkrgKbA2H0KxPwOkz_Qa5YrXCXpTx_R1ScKQufT_g09TZ2FwcfFOIWqp75h-dekHjs8bWOHrdsDTI8xiANe5qN5pAaignxh6sTGCJYX5b-36v45MD1SDt6tUcTv1uanvfek9bYTlB_VId-i-pNYKoTDx3mAh7FyKH5OgY3Du05aTj2ahDkNyi5V3AqW-Qpk92Pblx4k-EeyAq6I8LDUXlkZwkQc44tZkF5Hh0f0yXPZTDk_BRD_YuWvLPRsP3x6sjPJRRPWKMFRHYSVrkni6pvtbnZFHakhsM1OLtrV-gbLsNrXl0721uaWgItGFYWpZ2dshxgNNh3k3_CwIpi49aW88fwsetwhQ4OjcB3s2VNpjRgUPOVOmQL0IxM0ksK-6kVbRGBaBJzBQA7B1boPbuEsw6eHPCLW-wGgBFWKmqzWkaKFK5aRlbn6snoXiarFmkbGha3JbCrBQVfztNNuuFTbj8dSCvlTdUYRHsA7DHYmaHsHpIyq3yfXr6UpwSX8E__IdYRWmsV33A23QToMvxet5qcWmUj5UevUF0JEChjHMcyAERAbv1FxPcVnjEmtKQOGz2i_rGREpWWUflr5EPFF_nNInKUnVeFxgFpoxW4G0F5h2GuTepuPgXUNPWve6yqVwr60dLg2Xx7izW4t_U48h6QKHs35n1bfk9tPhMVHlNMzidK8n9KxmOqOMlwXQn9xnb8U7tXrN1wdBlbtFBkkqCwaCwzS8a35UvmGbIxTeZfn_x4jwLuBcjO2sZZBVcijGaJHWibr3u2PmF-4tZtOZT9NX8wSvlsCjw_uGO6Juv0EmMa_FdWMVEc1kHOq39JdnF5_oi-42UOZSAdprxnfMkH-oYERQ_dg1kOS9rWHzPXxC80zfTHyK17ubKuJrCFnHcAZahg67nU8Ab2TVgVQ7JBpMBOujdbe-TunZgrUGu7G_lhlCsQQ_H1ZCZJUhVjod-w0R0Pr7MaLplD79qCwB0jPahmYFDI26-MxmFADTN7C205vrHXzRUO0WzEBxIyrijW2PLNJOd3SBvtghoDc1COsCnRX81tiFKg5z20AtQfSSPk70JijXVJHA3AnnUfZN8xGmC0_weWxkVo1dewt_CBqWCaJmy1gOTJw3BBYQIRMPsapflzqaCjXeidyf-mlvRuoLMZdfSPxFS0nl-KQFqE6-GnBw4eKelvOzy5_GnzjuvbGdlopzUiowS_uktGPJnRYeJIMKjOQgOvcdq4KscuL1SdaQPWyhmK_38yLwLL6TRSZAcC8U0HdEaetfCG-a_UCabCBU9Bv3HnJXpWmFhmRcmiT2FVFQMcgt1h0GxhqFYrTYhdm1a66VwvARDBmLaEwki_KpqK3taZOZ0UxDzfKZVuVj4q-Mm8IFkqLKNoSrrNlUbXKNS39rMCrhhUNmKMoKmQU4AdrHdz010nZ_TMaSTzIjyDC-qLg9scJ_kUCEElljutYA8zzqLbcboSy27jVH15ZO084iyGZHYYa3obbIfL9ESH0vLxa6Tx_cnjonj8M1b3jo4_82RRsLME8vGYjj6ua29ipoAifcOAhwzVoWCFSq-L6xi7f5ZpZE8Px-IyXi9DkhEbV1vjdEwZC3EmPw5WqWvCUpHBx83EXe2cRKS7wvOOX2ggxN2lualinzrMl8q23q7zZu6KTjlPQ1wG1fNkoJ_8ItUctebhFUIQ8RKt93EFfIFNCuTc4yxoH4M3BUNnFwwDCCa1jhwq2ubJrk6EzrX_Z4G74rUszJKnRNFkv-2s2eJUY_aittXjTbNjtfnqTX4xB7aVROkUR0eeiVjsUj0Qw-WHawq7Oe1yMLEP2cy_KqcCxJu5MD6WQrLC-4LQrNgrsiGTRhorGd3EXuR0GT1Qb3K5_-zQiH0FgIOVHtj_te24MyS-QTH_Ycb5YrJAmb_CKUKzyKwQNfPJwCZTsRYrr3TDN5CW583WLpOR7VUeSaeETPPHLhQDqQRB1-wXagcX239-_OB_4-xD8a2jqRCFLENzP0U1ujSNVLteUafWtsVEAezYsnPNKqkSvM9inlbOHQVBRCDTNPfeelxxXAE8ES48ea2AkR6pmWVLyh6MQBnWPo2gGJn5TyIUmRIx9xoyC0kOImzulPLstRbpqou7yE-dRI_w-YdC7DZVmg-W2hhfD1WulVEDMIUvgSsnIu9sGxaAh0vyXidBvgAJhU1WPdoT2qmt_M7nMgSg70OMi_UulILUKa4thCo2BB1n7CkubTh86ri4OrGTG8M9Z5x2KsTj-vA&cid=CAQSOwAvHhf_oTem9cluzlC-PzNNilyRKCDjh7gGZoAPjG9VYbIQJGfPTeEnwunN6MFT1VO3LgS_TPynFV9aGAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsscqNnSgWkVnwFdrCKCoDJuvft2F8iBjL5KwPRvAqwQ_l8ohDQ9DdLiRptWIz2aQNBg2GP7WiZA9031O7cirGaRFpe44xjftjcCbyw8cQ0VYddthzGY7ByT4yyavta8EDtmIoBR4iaX6YRb-KsTmzz6DnFslVaZtMQZiteLEzLMk15mDt6X3htd0DlHhWK4hUoIEcXmdJOppoVGwOHODk4xpy7se9Uu8n7b7mBd5rWfuo82VPmnfAS4SikLMKnct31FKzNbna7MPPNId5odFNE5NeWIiYX2iFrKPpYJy1i_r1CgWjDjkm5yacoHphUuDIvx20q7dJQmN0mOWJzBJTLR9KtL2WontewfOApk17OvTNS2ZS6qBS70hLcBI-0Z49Ny0y2WbJbm3wtbl3KB_H2NE2_BnA%26sai%3DAMfl-YR8vurmb5honInoZJFeY4FdlfRAQvGAiK8Amt7gjEIhMWi7XRgwwuarxdIoqj9GEfLepcWfD_KI73q3I-495C0Dx8lf1iIY7uQwdStfyREw6crmTEVaLZmUgy3tyw%26sig%3DCg0ArKJSzDEL4JjhPJuyEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=716646912007210400&adk=3944675603&idt=524&cac=0&dtd=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 00C1 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFrH9iJPymqsie8506IFdQw&google_cver=1&google_push=AXcoOmSIBT6EZTlvvy7HIjZDnatC2-EQrVenX-BUzeMaRp7HmGG-aydjWUnOaQ-HGooOlBmVqnYfR0h2VGVREhXiHnRhejaHOUjwSw
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 00C1
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESELfANzRFekn2vjbCdHleafs&google_cver=1&google_push=AXcoOmTTDiVsgAJc88Fizloc4MM3ou7eWsC2mlS5erjjPw33D-YTydsWK7Nvloy49_310TP0q5OPloEu-tgESs983ISihPArR5TW
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=azFEeUh1REVDaDZaSmpXTDVreUhaUQ%3D%3D&google_push=AXcoOmTTDiVsgAJc88Fizloc4MM3ou7eWsC2mlS5erjjPw33D-YTydsWK7Nvloy49_310TP0q5OPloEu-tgES...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=azFEeUh1REVDaDZaSmpXTDVreUhaUQ%3D%3D&google_push=AXcoOmTTDiVsgAJc88Fizloc4MM3ou7eWsC2mlS5erjjPw33D-YTydsWK7Nvloy49_310TP0q5OPloEu-tgESs983ISihPArR5TW
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 21:11:02 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=azFEeUh1REVDaDZaSmpXTDVreUhaUQ%3D%3D&google_push=AXcoOmTTDiVsgAJc88Fizloc4MM3ou7eWsC2mlS5erjjPw33D-YTydsWK7Nvloy49_310TP0q5OPloEu-tgESs983ISihPArR5TW
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
243
pixel
cm.g.doubleclick.net/ Frame 00C1
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmR3fd5MvnBdEb9cDNywNqom3S8UE_-oD1lv7JGuFckfCChC3aWFk-01YreCxi0TcmpAQe1L7lCXFN...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmR3fd5MvnBdEb9cDNywNqom3S8UE_-oD1lv7JGuFckfCChC3aWFk-01YreCxi0TcmpAQe1L7lCXFNM2uPFjw6JfJazEvsb-oQ&google_hm=87e35591-8df3-4747-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmR3fd5MvnBdEb9cDNywNqom3S8UE_-oD1lv7JGuFckfCChC3aWFk-01YreCxi0TcmpAQe1L7lCXFNM2uPFjw6JfJazEvsb-oQ&google_hm=87e35591-8df3-4747-abf4-1581f1cca478
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmR3fd5MvnBdEb9cDNywNqom3S8UE_-oD1lv7JGuFckfCChC3aWFk-01YreCxi0TcmpAQe1L7lCXFNM2uPFjw6JfJazEvsb-oQ&google_hm=87e35591-8df3-4747-abf4-1581f1cca478
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 00C1
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJa13YyWx5naGi9TP0jDqrU&google_cver=1&google_push=AXcoOmTKxRzYHXSAvOd2DXvWcPzgN0_pFczwy_v-tKf2GM5nAraYHREO-2v_SxOvkgGqU4DiIgLp6uUF...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJa13YyWx5naGi9TP0jDqrU%26google_cver%3D1%26google_push%3DAXcoOmTKxRzYHXSAvOd2DX...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6508938693885992533&exchange=193&google_gid=CAESEJa13YyWx5naGi9TP0jDqrU&google_cver=1&google_push=AXcoOmTKxRzYHXSAvOd2DXvWcPzgN0_pFczwy_v-tKf2GM5nAraY...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY1MDg5Mzg2OTM4ODU5OTI1MzM&google_push=AXcoOmTKxRzYHXSAvOd2DXvWcPzgN0_pFczwy_v-tKf2GM5nAraYHREO-2v_SxOvkgGqU4DiIgLp6uU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY1MDg5Mzg2OTM4ODU5OTI1MzM&google_push=AXcoOmTKxRzYHXSAvOd2DXvWcPzgN0_pFczwy_v-tKf2GM5nAraYHREO-2v_SxOvkgGqU4DiIgLp6uUF0v0rhbc0Y8IKuUsjf1cdHQ
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY1MDg5Mzg2OTM4ODU5OTI1MzM&google_push=AXcoOmTKxRzYHXSAvOd2DXvWcPzgN0_pFczwy_v-tKf2GM5nAraYHREO-2v_SxOvkgGqU4DiIgLp6uUF0v0rhbc0Y8IKuUsjf1cdHQ
Date
Sat, 23 Dec 2023 21:11:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 00C1
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECcx1OXM76glDvNnwPnUoys&google_cver=1&google_push=AXcoOmQzFRax0LDLDJPwF7mcHlShWWmmEl6bIKUxO1bOttstXx72tb_DVDHF0jGR6LfctoznjK12...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Qd5b-Ni_SVu2ap7Zi3owhw==&no_redirect=1&google_push=AXcoOmQzFRax0LDLDJPwF7mcHlShWWmmEl6bIKUxO1bOttstXx72tb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Qd5b-Ni_SVu2ap7Zi3owhw==&no_redirect=1&google_push=AXcoOmQzFRax0LDLDJPwF7mcHlShWWmmEl6bIKUxO1bOttstXx72tb_DVDHF0jGR6LfctoznjK12KFOTaghDx50h5bJH-CLHtws_BQ
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Qd5b-Ni_SVu2ap7Zi3owhw==&no_redirect=1&google_push=AXcoOmQzFRax0LDLDJPwF7mcHlShWWmmEl6bIKUxO1bOttstXx72tb_DVDHF0jGR6LfctoznjK12KFOTaghDx50h5bJH-CLHtws_BQ
date
Sat, 23 Dec 2023 21:11:01 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
onetag-sys.com/match/ Frame 00C1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPGqJYSDUS-DGbm6yvDiWXE&google_cver=1&google_push=AXcoOmS1OMSUIKw0C2KhN0PvB8baB1YGXEkGkVDj7vGfAxA-xl5VjG86VTpVRjxYT6DubkiEILWdlK6ncz5...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJiEYarQ2qT7-r8ltc16XD2aBEs_rjWMgg&google_push=AXcoOmS1OMSUIKw0C2KhN0PvB8baB1YGXEkGkVDj7vGfAxA-xl5VjG86VTpVRjxYT6DubkiEILWdlK6ncz...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 00C1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELx0HP_bvTefHVicdX8FStc&google_cver=1&google_push=AXcoOmRZBoTT-vA-Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D&google_gid=CAESELx0HP_bvTefHVicdX8FStc&google_cver=1&google_push=AXcoOmRZBoTT-vA-YS3dAQvsO8bkKwfsW0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D&google_gid=CAESELx0HP_bvTefHVicdX8FStc&google_cver=1&google_push=AXcoOmRZBoTT-vA-YS3dAQvsO8bkKwfsW0f1tgYAlNO0vVmIiRQzMZQzJdn5oq4LtXrOHxWMSk0KsF2jcoI29Wj-uaQp6ScZFgUdiMU
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
an-x-request-uuid
ddfa82f4-d177-4353-a33a-4afcd756937a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY5NDIyMDI0ODA0MjQ2MzY4NA%3D%3D&google_gid=CAESELx0HP_bvTefHVicdX8FStc&google_cver=1&google_push=AXcoOmRZBoTT-vA-YS3dAQvsO8bkKwfsW0f1tgYAlNO0vVmIiRQzMZQzJdn5oq4LtXrOHxWMSk0KsF2jcoI29Wj-uaQp6ScZFgUdiMU
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 00C1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jes6vz6XNAQ8985GzE3oORcFn1cORIrXSBxB8CyklbhN63JyKff0XevWOl9YQoF9S-E4Ui7IBbzw
Requested by
Host: 25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
URL: https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 99AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVyIoPLw4sgB9Nlih0J-rI6F4R1h27nVRlyk3Bb_czcS5d0-YK-A0EZZ24zOIxseMSRmYWXd81zWxIsfVLe36H4KH66aakCwDJaStPRd_YZsWTGIooveKfTCBnJ6orJ59xmghdfzrIcKWzxNsCVVF_NtGA0DXVBN8ypktYl-GMG5CiXjf9xq-rG-qyyyitbFOYI8qdiHCVDCjQlCHcTI0nWo-H93NvbWA4RX1AL4UhS2AhoHmoVT0nE4BDSXJfwFMEmxY2Qm2EmTYzQ2w7ySalTXmUnaT-7iHc9zHIwjzVpN7ZlrwAAIpSbE_pjnEMtQ2eeFHkSqt0HPXwkP5sRabff8TloCR-Qm660traKl4aDfLHHVwFKqTYYmmgx24GJouDRhrOjZC8tY00XIhY9K4BvH2UNp9SVNj_9FcdCov9XOUzEilzkujf-QSHx32aEF1JblpFEvj7adZ_-U-Hsjc5E4ljPngY3igO2JaU6JDCiQMy5_HJSCrl-Kvmb_Lhtlg94cmZv45vllt5VUzWF8iVMKVHUuWOFdUfbtEbB8l0tgOUwl1aqdH54GgLGhXDyW6-miOo4y-4GYAG0_kaFojQVBZBVC0eBlc8e0g-uLE2_Xk1529nFHgn04frRuMB3Rj0q-p33L5eoiS21UW8y2wEE7Xji1vR3Fk5tNOsxHo-nL0wyFhyaN6AxrbTEgUVV1m8rNP6nW4a_AAOmbql-9Udelr0-6dv2p7_cYBT6nkPdlcklOHJSkcjbakFuU8LRiwdvX1gIcBuZfYD8VWLLhvYv7F1jTdutTNu3L8K2riLoyBR3ArecbOtEx7ylRcFNyLFKYlMYYiv1ldWlfhLCx9PaDz1beMMTzp47jj0iGpyK-XAA07iHesIYTrZXLHqZnL6nIAjU-iZv7s0bz5DVfJ-i_58zEUBOGYXlxHN1G3iCue9-bwpfo1zo8hiId-y-bKUXeZ5U3jnJUscgEizpm8TOophjVezokmrO6E7fqrbDAJqkuCLXzjT8uftq_f55T__JbIwIFoaZXnApIW7Ljoqrh8OHwpNHvob7t4ZZ_icGrwO4qDhDQfryYvqNoQIpr6LGXusTbUiO8Wrg7U8Lgjx908IZ5hxAB-Il_31F5kGzM4pBhouIEXm0r6hQV9UXaqzTfDU9M2AQUpjS0buLzszY0qYQUrKZndgVpUxvKgxXzMpYFqhBjfGZw8zEJ9CATioTc4cQuK6tce4ReHpZFK3_jF87J3fgGVOs2Gi95z_UcjDrEyEk4cUoUuqru_dwaTMb0PvrExZ2KdxlVxAzZNSHdD89a7iBU61pg95ISKibNZPz32r-bGH_SdGciNtGsNSkrPG3hG1xCsBxtfPajixMBhERttLr9GH0lCWlRkH-pHyjSloeeten-McIxVZBaYgteCelm0eqFzP_aI9ykMv4a7UFVd4SB-E_cE-wGuw3entLKkGuqHpPOfMkDfprd1os4ibm8U_k0x4hPafsQICR5c2fIj7fO3SCk1cBy1UOwUrA15dg0YDEzyv96Ionfmr2AEouEqlX4X4iPtsezBAxLOIyC3mbinfpW_1_-X1emyznBbmecWsdoFZedsJ3PVdLQHmS-YaoZDU32ObnsOow-XW1VWBXej-pBLpaTWvcv1igvkqNKJT3hla1DgAZh6ZIo7siPZJ3o6tXa95gugNbXJ1315ZjE2Y-KRgkI2vwOXNJk4T9Qp101pr1Moq7r2xGX7AJVxnCdHd7WigIpXQw7mcP81eSJ6mDkvthU-6_2QlrZcTgIBrWZBIJLcn-EsJvocW55l-NhLC7aeA24Gvn3-DdQ&sai=AMfl-YSOmxjzP5W0zJyhDwjTJfU0lZ1SvehH0U-v9e3qyPZCvQ1MY8jb9wm1tOKPORRbRua1IMtm0OTvSS98qJlytpntcgAVnTxss4PUnqnwY61R1fDfJgGDMxN5uw3RVeshehnIcSgUVzQ7RxLLIybx63vT8G73t1yNmqwpMYJyeZecv1NaA2Ru1oyCE9LI-admKnTvGIXR2taSLJPrzEq4G5RH8R9ZenEhEO9twopLos47oJn5pIvgFjPSkJFQaUwj-mNUo7Lk3InYto1HhqYHRhEESU_bLw6--7syRAKlXOsa2ZOqQXu3J6C774-5y_drDnGlo0APkLgD5m91sIc8RfsxwWhER6B9RNpgB99L8dc7HCI_uFT7IDJfxRRMBX_Ch94SG30y2eWH5MTMOt-daROHVBESJKrW7zg8Ew&sig=Cg0ArKJSzIdL2qoTZBeDEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=70&vt=11&dtpt=68&dett=4&cstd=1&cisv=r20231207.49114&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AABUTV61tl832iqjEady9Ad7ierNeTymc6eb6XAGLB3M9rN4_hi9TXPCOE6S60JJigR6EnW57qD18uwlEdla1LRn6jLl9Q4YZA9eVh4Ad_nGjC5jy9xf5j0m7BKrRjvXOmcA93RwreSpFFlo3ECzE_1dJk6bPI4TP-o-dOaq93T4WH8Ok&dbm_d=AKAmf-B2zd93pIR1f9nLGEdxrJcaWmg4SJQcC1ZrivPeMBbpkjbeZoYH07V8nXpV5GeMYPAEUXakGEt6V_rzg8jKOrLu1cXPzoxQClNy6teu3h2IPHqddY6VeHVTfFS2jTBs89QU4aFwdVVT4XLSHt2UdIbFQwzGlhGCmppLWWg_KnspnBQ7jb08Bx9cwpMMHRJ4G9vzVR6N0aTc4VaoJ-_hfl_T5YZJGzocwYS8Ca-Qbl0qxCDJ9ve-IQgMoPGj3Mrt0uKcOEl8n-B3UxNcYPsnzGqE7udnl_xRwIIUQgMAbKYcH918BsGYlaLmb7UwfCY5Nv8LejR3OjHXKxaAopPvaanXCptF1gZKKXHprs059GcwHTLEfns_bMdOrAeHFwR_WkR3v7sjthlSIFmUf_EFTapRPZLfJ3C64YJe298_Oh2w8kV39x-6YUVNAQ642qwg_GH-yKyaNm12IetOvfWLquW5Bt3D1iAPa72tm5L5c2r5Uoq7vGPh3DkgcqS_C24xe1sNTQK5iccHQcaYdfaMkYEfEpYlcLdqsd10RcRK9mtQ4jUHKpIlUcRqE-Pnd3LeyAdBpzNSaVAn25zGmbZCY2-6r7XmEUzKuJpvb3LGL3J9lDyVp29Ww1IvLSW8YJH6ZTARIuXVy9l8exgI44FyjscJjyYlp0xWnYKEBBeFmUbsskSPri9GgVefSOoiu7jFu8aT_RBhFwYQWCrhGRHrEn2rY0ye02MCvTtzK7Wr5AXhi3J3JneyZyRHxKDGpsTyClN1DL9llLYj8p7Wkld-S_1YcLilxwarx69AVpBmZ1ETWyvaapxAkZDRuOfclsj6T-kjGWoIQ-CPz-vV3NfWQ8XVExqALxr6rb5FQWcI1tGnDPjQP2nRPwXTXqh2-4hVteVmM8iubCbwTjx38WNxzLDq7Xy54rlvUh9SpoNoSLR2QDYkR3VNeR1440dRvZxguhx7X9c33N55sfBh8llidSjbIVZFVz-kFaGwSpJF2VNjEij9c6H2hRWhOZrXpIk8QhtTHOp4rlPNnj8wKiNIbNE9dEI6Nl3wvNsvDKm8byDnMYLfp24MPaUMBbNUuSQRtSSKykZ65xpNSFWcPX-_8U-JAhVJEvIrAvHhrQPaxw7_p2qpNCwnKASLoepexgWqLwFZFdJp0Ry3qDE47QSc967yj3eSJE_bsrNdKGpuJgIjpVBgaBYITE76dptFPIXxjQgrx6AiNv9P9H_KtfRJ6jv3zn03hSj1tDHhhhf5IVSB_XQ4PwcNU0yPD4JC7LzNRuoqyOOgSPOHDpRi4xNK8OcOBbCxMVx1Ooo-4FkWhFh59FSyntBnnx0u1NA0GBOWcjsYU5nYcY9GqKcvHUMjJn4bK5uqzUCczZXuy_mOSEt7TNARpa0lnpRT4v0YxIhUTY00k9fhsb1B3Brecp_PqSIoVbzKeMSbCd4DeHeSImwnXlCOa6zIbl8gcwvyS3UWU9uoFbwQJ3WYA6vBlR6BBiJ05fNopMEnxOfPfsGxX2zKZ0be2hDYo8Pso14wHkIlqppKQRJgEKNr8ePffGNopTvyUQ2mCtML5aq3UwklyRunhK9szHClNRMMrYLNjpgXyiml5pH78A1xtF_T2UvKIxysX19bXnJ2hB0_96oj7o_DmnhqbYSrGwqy7bUlq3uaRu5W4q2GtZsb1sCkQtI957xbpAMZTHdB0PTKM_N1isABlqJ6rxQiMsJRC_vItVJK0Ol4BzgmrYv9vc8eMp6jNKgwMg_zI5btdEsvsmHrQ0psigpmjQM6LoB3k4irIAwhLHlarc8b08VBWCFsu0kbpKtGgM-_bcqPwo9EJDF6FCFwq82jnvP7Ypevx4G9NyAr1wfV-Tn7GQOJ74ZSgmErynUfs9b8O8VWDx9BTdN0Wxw0cylMvg-JFRObSAf96O9TaeovdSr9MTYAVSXI3HNL4sWNm0_2lYd_0fL3w_9njNuDA3aRWc1oNZXh9GZdS0BeYTQX_5WzxFL6dS4uESg1yTQ11y1Ikl_UQM-BtA4I-CJoO8GvQPZ4MGuZfMakOpIldz21vwEamluPceC4qbeKRIv60d8kWtXp1bKXBh2tPWNmzybNAw5zuogE5kGaDJbNy-FDERDPGwkS4fqv5HgXG-NObhew2N5aATLUbGVDZ7EjZOxPC7BFAO1QLzI-vo1SaMH8CnWeDxlcjrt_xZu3zwoDywMPZx80ULrDMCQ4V2fyo9Euzmqd6qM2dyUhgQpIfM5TsdAQIBNY5BTF5iqur--kT430aDkxExO0GV4tzrSddqCjIbLoehi4zLezN-btJsyGXwQ2TxnlrOY_nfYGKYhtGfXTG5_ZHZ7Zd8YzipFMU0u5rDPPC3uR0SxYELubD1sMceVBi5oR_6ITGpMBy1Uu6VhxCA3tKmy-4wjWl10Rt-ewamGIXu7ZNeea5cVDwRYRrAaIwZjtqhwExNLo_Ip-CgcFhr9wYDmd61sTuWO_eDj7Gw6fjCp-LBYf-U_J1JAKIVjhLIogF7wxUpiOM3_SbzsC6ozQA7vmIQSxv45OoxB7mExlgUG6CF0h1XIa0IkW0OqEM8OdEYD8tzNnbG92CqIGmniwrGNT39121j23bDYurismvymFjbziVORf4xvw5vJU8VZHkyfZll8MPFF3iiSjaRmqkb8X05YovCYEKQlAU3l9oj-UwvOnXSg6e9rAHBEK-euuF6DFlh0MQx190kdEkNuQ2zXLiLn82fZY9RGGYsuiIxUSFAG6zvv2z5mnuzMrfHfb28SX22QXbCiTr29cfJxUWfNo54XroovnJoKHm2vsksHNGrEj9jvqpMhqyINrrjlo02lSQ7cM0sV_xoUS85hFTb1H7yHwJM7yITVrRETSZOytxbgiCl0r7f5FY1i_KL8H7HNnimv7atFjkOecwsQm5RCIjNsuIQawOyDSTlPODU4CCV_7Drr81pjmhDnjLMoqaQ_EP1JJyOssNNooLIZCKbXKQak__NyfzmWvb3AcZ-XDpI_9iY-WyzPde5_zW-MvLyC2NcZngfJYl6zz2EEwsB-HfIdADVYAhNnm4768hvMX2n6Rg7uo0ZebknbPE_s4ZS8kSIB38hiqBIc_62Q4f7GLuMK6JPJ3YQr_YerKpqvXq4-jyeuGRjqfD4lkfFDJ-rpfic8S33-aV1jvXAYctqz3xlnJlyylf6x5AwxfSbXwQn4HDfpMvkAZwYJ3n4Y0WnjbBtkBykI7uTjSfHAiVLyAPYr1awv8Z6NZuRzKY8DQdWHuHmGYChY3bE_XMmDbtllfrqwhd1vBhl_JQFl49v6IlqU_j4UB55teyZns547Z6RkAX8ZqhO9imXk9UaheizFzS2R9K04rBLPsqIgWtTfBkO9Q2grsELyLL6fsc1QNtF1SbsHsNGcZXylMAUI__FrthIzyHgj4aqHZ_7Dfq2oA_rcqmKN81WmGZNR4N9cZrhOtMihRBO5Nuawbf4IbwaRDShV_EilRPocaLczKlOVTG53AJHaeY367aQCAcWj-tz57Hx6ZathwlL5jTXGoH_zNgEkWNJXrYli3kUaqqCXiPaFMf03Ga_CTiXVbS0Ti0V7J4OL5eLG29kUo_ZcwGcXwbyOC-KmYk2E9ja0BvPZBlqdbEWd69kntJrzLNGzuYvN_Qo3Z5ma2OttDxY-3UfFetCsMh3Rm1iqn1c42HkzDYaPGFFOuK46Nic2b192XWgpmYV3adicGHoy0cJxs5OcV7dlj-bm3B-zpuSjM7yIcjqVVjd6R002D2CQbLAB-BH8Qr4ZR2lYaYGEGbi8y3k4D-FMCabEoQkcIiqKZb1Kwb3vUk06KKXcpagAJ3F76lmrgk2gblx976cQbRwWfzzk_Vxws59b6d-uBNHT809ILOJCRpY8Ih8jf57BShPnvcI_CGEI3MLDjBB_BfypYCYb0-M-l25QA3VshsPNANRbTJuTSlTTwWkWAllzWsrU_tWMia_xamMlnuZrgWzF6xVLnBsKg-x7wx0aboEHewKPV-ztTv84ZQ3IWtbyMg7omj4C14rPN8R6xxMLQ9YHkomEDwbDonCM7Io6ZAOCyy6tg07hBzY1qmnfDmzM-vsiydjGsEGg0wRPZ9d5JZ0GskH1dLEuo1xMhVLoAzK7SxRDQWqU7Fq8Tpp1VVsx9bGUJ8AU-OqSZ728McvDL9iASx7xLt1IYy66yfBqwzZaD-3L3iIaqZNIzRbM-0dHvyV85ZwcQjwy5gr9JpfS34wAk1R67Pb9M71mU3JdEfWF4YEFKbPzJK6OAotmMWo_ZNsNis4tg8W3J2sIqtBLHTUZg47oeUI9l7ZwSBuexf6kWGWujqHWyvpy8S7tk88mCsyzDeVhKWbD8HbB6Ru_s3g_QnoyTyfReGnUQEd1L7rBIZK5YGNC2F4C4tnNF1tCIa5euT4M_s8joAnVIhp5boSotYRtVDT_P6EUSRs_PmQrRxJQCn0FEhbdx6ihM6MjUGQLGTk5Da4q4wfgAUZrxa3b4UDc80kFJrxe9RXk0yh6c_8fS_tKjMybEtpUCtmrHTBn3Aee7HD58r2hnqLBJpjeuUacUVjnPVc70QsKcUt_siVxjugGc5FWs5R6MNii_V2gjqonccjvP98Bq_s0cuE3yJIaTmcinU2KlNiYWyc9EpTgq1AkztQISXfS4JsjVYnKT4g16b10PjbNzhhZ9-ksazjZ_rEgZx42uxd2H6ZGApkf1sa2SHa5tG0ePccJp90CB7cErXgO58Pku-YisVi4DJSfifQUtrBEGj8Z4FzSIO-EczvX3WL074O6GFY2aMBjKze9Rs1OtdBI7WxYXnQ2MgAqXrKDZNOkB1_Fw9otEHF3s4btMO_FhG508xqrSnpH6usTqIqX5Pc78fmXhXykEg0eYdNZhHePrj3VK0Kxhdy_1MBkeKG_KZpIZJQLnLte0ocIbSz8Ue36X9EYlAyd25zceycckwwiPgX1I8rfAOYMoNGUNjC_gDtM9-hM2aINajfT4MfdtBjrN8Yx2jLWORdqsyJA3qxyjf7KuGRaM50Z9v0lxMVXx0hCU0hnfmChogfUFNKA2MpLzVrtKDpvrTVRnTvDJBA646LUSEbVA2DgDfJyCtqxVFa09x18P-iv3ingfD-1B_nDlBzWoaxM44Mp85PjZs31MwFwMMaZMECsV492FW1sOU5bbN_R_KoBYYr8RAfZdtHdE1le0Ntzu1yxGh4ImDEMNjo5KbvUAiSnlW6qf2nV3K9_nIMVgm5CpeuGLkuclHZ2pc7cFchTbjaiXkKi-6lX3R9BEuxJLT0Cp03loynf2XZFidzDSquzcAR88suRoqjRq3_sQbskN0B2zB0dyXU0FmB133JQ6E6MhdY1IrcICAr_PhhcF1aJUMg3JSYz4_uVWzS27hMSjkehBMQI1p3XKaIY4jw&cid=CAQSOwAvHhf_q_3Fb95D-UT7tsfzhc8Wz2QZF6sf9P7p4B2JA0v3HOCafmidfcX2Y_-5GW6-Lv5CMAaT9bi3GAE&xfc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvGhRAGAF14jS6Yec6IU04n8ybcE6WePxh6j39i5KJb_HBn344K7UkvDTIN6ESHTDAGbKDxeHNFmDIq4VssEb6tyyDGt5wriP3SnlcDA5HtpDuUNLw9oovtumgdFv2hH6jTPNN631Fl2WjNtsOTGIUY2hCu1J4t159aBvzTcSc6fM7CyA-ntgMo4ik5Te_xYIH1jxFrC-V1zIOyVvSZfCLhazHzvTmHvc3sk_GEvwv4zMkutO1yZ4aZKLjSum7mwl5vFR_SB_jcWC0doSydgOdOcs0APEG4pz26QoZvXPfRRud1nC28zp5IxVF7osEWSyGjFVCzqLvmjS-HmEXshziTLnXUN4PhN-qKOSXJz3Fv2kcsjWSJR7uSULhGDOPZrKz0KJ2Bgm5cypWWddzV-YDuylgFaQ%26sai%3DAMfl-YQ4qFNoSgPQptpI12dwlV1-V3RrDG5QMbXkKMHBFzDVqHgK4X6dKOWLzbr1HWdHia9hYYpy2YjFm86bnxiSWq_q10AfjJ9O5ZW33a_cDuWOBCB8aHA_im67SLm6kg%26sig%3DCg0ArKJSzL16vjB1LY8fEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theguardian.com%2Fscience%2F2023%2Fdec%2F23%2Fprehistoric-handprints-finger-missing-ritually-removed&ds=l&xdt=1&iif=1&cor=7926059378081780000&adk=943508964&idt=530&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&performance=%7B%22dns%22%3A0%2C%22connection%22%3A62%2C%22firstByte%22%3A31%2C%22lastByte%22%3A32%2C%22domContentLoadedEvent%22%3A213%2C%22loadEvent%22%3A3888%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D&renderedComponents=%5B%22nav3%22%2C%22nav2%22%2C%22sub-nav%22%2C%22series%22%2C%22section%22%2C%22meta-byline%22%2C%22auto-linked-tag%22%2C%22footer%22%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&performance=%7B%22dns%22%3A0%2C%22connection%22%3A62%2C%22firstByte%22%3A31%2C%22lastByte%22%3A32%2C%22domContentLoadedEvent%22%3A213%2C%22loadEvent%22%3A3888%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bfa49281d35afcbdff630cc90eecd4eaa3554bbdb20647aff224fb15ec3163c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12171
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 1194 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theguardian.com&us_privacy=1YNN
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 21:11:01 GMT
server
Kestrel
server-processing-duration-in-ticks
574181
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame 1194
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theguardian.com&sn=ChromeSyncframe&so=0&topUrl=www.theguardian.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=SMmLJnxrMmFaQXJnR0hPNnp6ZUozNTE1dVBjaXdIdEZsUFl1OGhDaVhOVzFJczl5Uzk2bncyV0hNOUJUYnQ4aVhPZGI2N2FSSFQ2Z0tkWmo3Qm9EQVlCUDlQM2p2aEpwa244RXNjenpMMEFlNVV1aHJRY0c5Q3FhQTFtQ3...
422 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=SMmLJnxrMmFaQXJnR0hPNnp6ZUozNTE1dVBjaXdIdEZsUFl1OGhDaVhOVzFJczl5Uzk2bncyV0hNOUJUYnQ4aVhPZGI2N2FSSFQ2Z0tkWmo3Qm9EQVlCUDlQM2p2aEpwa244RXNjenpMMEFlNVV1aHJRY0c5Q3FhQTFtQ3BZOUZWN0h5MnZFUnNXNlpSM3F6QmZmT3BrYVFEcDBUYmxHUTV0ZkxXNzBjQ0orN0ZjOEhmSFpVWkYxS2RDQnU2S3dEMEM2WXZlbmhIWkoyTVFlNlFySU1vU3FzTnIrdmZDUHVKT25LZ04vMjNuSkdlSTkzdGlBeXlQdGpFMkg5Q2E3ZkJ4OW93MllYZGFNTHNoV0NQQlFYR21jZzlUck4wMHFvQWJmY1NzOHRQNitBZ1FzUT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
36b6450cd74cb5e0b1dcb65c325e07e3e29b98c9c418f5f19cb311f56561555e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1956130
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=SMmLJnxrMmFaQXJnR0hPNnp6ZUozNTE1dVBjaXdIdEZsUFl1OGhDaVhOVzFJczl5Uzk2bncyV0hNOUJUYnQ4aVhPZGI2N2FSSFQ2Z0tkWmo3Qm9EQVlCUDlQM2p2aEpwa244RXNjenpMMEFlNVV1aHJRY0c5Q3FhQTFtQ3BZOUZWN0h5MnZFUnNXNlpSM3F6QmZmT3BrYVFEcDBUYmxHUTV0ZkxXNzBjQ0orN0ZjOEhmSFpVWkYxS2RDQnU2S3dEMEM2WXZlbmhIWkoyTVFlNlFySU1vU3FzTnIrdmZDUHVKT25LZ04vMjNuSkdlSTkzdGlBeXlQdGpFMkg5Q2E3ZkJ4OW93MllYZGFNTHNoV0NQQlFYR21jZzlUck4wMHFvQWJmY1NzOHRQNitBZ1FzUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
309930
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Dec 2023 21:11:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E10A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
176628
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:07:13 GMT
expires
Fri, 20 Dec 2024 20:07:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1672 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b28bd8abc299a2453d6b0762a3d5b3766d9687a3125b1b389c331d6951451dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-juoZ8yDbZSKGioRpxs9cuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-juoZ8yDbZSKGioRpxs9cuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 21:11:01 GMT
expires
Sat, 23 Dec 2023 21:11:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
SPug
simage4.pubmatic.com/AdServer/ Frame 3DE4 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E10A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:08:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
3769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 20:08:13 GMT
2
ophan.theguardian.com/img/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ophan.theguardian.com/img/2?viewId=lqik1vgtl9q9iyj74x0f&adUnitWasHidden=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.176.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-176-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:02 GMT
cache-control
no-cache, no-store
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 1672 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=4274935697318139&rc=05APYnBZWMbucqUYmTQt340PXpR50hMDqjnFj1ZHfyAfNH2uScXl3pGKjru2ziZ2qT1aSu9bytQz4g_zZ8sy0TEPYDlNQSeEyEdf4-oiLhy36aXTdnohxzgIzGhLkVR9glz3hl5VS3deEs10Pg4gSYFG_zuXsNA4T-nhgHFDl4EHHz7ZULy0sXRtgrGh7uKSfZLrEpEgwq5L_z4enOlmCDK1Bu1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E10A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MBA2hg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=4274935697318139&bg=!QkGlQQ7NAAY3kmNgF5I7ADQBe5WfOHOcmgdEoIW2fQywjtsxo8TLvVgJPaVQi0siou3K_GUinWTiYFtle2ca4An_yrqsAgAAAFZSAAAAA2gBBwoAUD7E7AZh186vn_6fbwf9HsE2xSfFLTdSsNmmq9weHuVCMoZy5HR6IuTBgrGwqrw6XNU2xr69mLyEOjF6OGmo7-0QzoV9IKHlvJ52L8Z-x6wzmQL8kPTmJ0UQhcNedBYQ4sWwiZpvs-K_VOvTEJ2VROmOK5tD51fdfvBRv4VdHPh8Rq0-b4j6GALMD7zP2Xmqx9xLQrVr-4TsTLJb357EF5TFKG8xPh3UHNt-i2N25MyPn9xHtSB9g4Ulhmf4VKuRkAiNDkvKS0iVk_Tky6sBzFvhzP8rFwU27LAea0Qa3xmptWrIGpzYjlcrbc-AmUzdxDpLWl6x7KHGHBunnyaqiugT-VVJ3_JaYOfFKALwcDbT-CH4I8pgURitzQH5OSp_0JwtQdLO2kbQ8MEkAWUMPAWxqz-kyBq5uamFEtt3RQmIAbgVWmW9ZI0LI6FiydtJYvwYCHXlhbqHyee79y5ujM_zzIY6nNGw9ysTEImCI3RtrZjh3g-yUjVBk9m7ulOsWUOJmGeG9wjkagS6ZtU-MdpHgiRKgqXS84Lc6ejAsvcsAsZQ4MGxCIbmI8hwfdcVdv_YM9yQZLYLcEk9HsxRfk_PhDJJsrSezFu5lQqLxtEr-WmUhK70FVvLox_CfdhutVr3D4YzsiONr5SX9rgksQ4rBUqX6yO4K3UBYkCjYfm0_otBwttdHlWGbXqNqI3cJzIpM2IQv9A6k1hvwXdRWsFyJHD0MRE_ZSb9Cjpfib5n_WnQ_m0i-EPmD627KYXKskyyTOatuAtVmj3FUhEHmCPO6l6HcZWaKjFlUhPE5uIH8MHsGfaXvfc0-8YPzZvAuLBU8IOIuyKb4aCOj0hZgCNYvwHlDAO-ixA6AMGwG2Lehbna_ZL0qUWYh3xKMdIcRDqGr-F2Hv7GX5dGirfH9nZl3L4yHQc2G4yGrSSMGpW-lisMPd1xwvGtQr_Qh00hT_eqzyzCbgLaZBxjErxaukyqR9OeeQEKhPWQh-LFqJ-HOkWt6gQBS1v3Rfo2UHdZY4KnYD6IySkLkaDJhsm8Aktw6XymNDchLGVNkfmTIG8D4zKihjJfueDzn5TrCerbN8iL2zfk60W8CCE_yP1JfYzatUSM3O6KXG0sxqzyWmo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 99AA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9bJkay8nK2VZvsG3ymlBcEV6IypLCNjW546hlvMTNqazxr8XCmvZqhdbQIDRNnnXa6e-gH0fZEp2HV1bkxCn0hXiolTdy758MORJC5TZCfrt4UP5BrXn6iSR9lsyK18rm6YGmIbhtw_cfZ2xiUhx1BmayRXAwsRoNnJSCFE6sw2CVzw9sOV3nVEWiOFHtrVv31Zi_GTisKAvGEAdCgkqC8V8USfxouE_-rE_QzvpB&sai=AMfl-YT8IkHeC_Kq_l7COd5sWuiCmQb1QLEXXuF0GgaCh2ijKiN6Di3P_DDvoSm6mscQWuApWKMJW9djB3XVME8EZ1AfCh8mL17gIIA2ouQLcqD6URZFO66srVoUzbc&sig=Cg0ArKJSzO8coT2jhDH_EAE&cid=CAQSOwAvHhf_q_3Fb95D-UT7tsfzhc8Wz2QZF6sf9P7p4B2JA0v3HOCafmidfcX2Y_-5GW6-Lv5CMAaT9bi3GAE&id=lidar2&mcvt=1000&p=24,315,274,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3202454900&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703365860661&rpt=1086&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4858 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3925438880802&version=m202309260101&ct=76&x=1&cor=716646912007210400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
non-refreshable-line-items.json
www.theguardian.com/commercial/ 		12 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theguardian.com/commercial/non-refreshable-line-items.json
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e590e947a747dc73d03d99f7465df7e71b6de6812f8e4dc2ca31261e310627a9
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
age
470
x-gu-edition
us
content-length
5323
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-timer
S1703365863.800693,VS0,VE0
etag
W/"hash6895341261189263558"
x-gu-frontend-git-commit-id
04fe268426eba234962a32b98c6cf614d2dc92a2
onion-location
https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/commercial/non-refreshable-line-items.json
content-type
application/json
x-frame-options
SAMEORIGIN
cache-control
max-age=900, stale-while-revalidate=90, stale-if-error=864000, private,no-transform
feature-policy
camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=()
vary
Accept-Encoding,User-Agent
accept-ranges
bytes
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99AA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2327234492446&version=m202309260101&ct=76&x=1&cor=7926059378081780000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C0BE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33906
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 23 Dec 2023 21:11:02 GMT
expires
Sun, 24 Dec 2023 06:36:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isync
visitor.omnitagjs.com/visitor/ Frame 0924 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4491cda67d7a7915fdcf5bc1cc0c8a9737bd98a0546ecaefb55e50ee571032e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1773
content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 21:11:03 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
9
sync
eb2.3lift.com/ Frame EB28 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNN&
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
8b4b0c113129c46df1d4b41543a952d89973c644eecb18324ea3fcacceba4f68

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 21:11:02 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 0A37 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
96
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83a398458924a21d-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 21:11:03 GMT
expires
Sun, 24 Dec 2023 01:11:03 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ Frame B67F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1703365859900&bidder=ozone
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/dce56a0b25a290160dbd/graun.Prebid.js.commercial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188575cf3d53c617eee014889d0e22a426fe7c3b80f56cbabdcb7370a7f667bb

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83a398434b0f541f-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 21:11:02 GMT
expires
0
last-modified
Tue, 19 Dec 2023 10:33:53 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=87e35591-8df3-4747-abf4-1581f1cca478&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=ww5H7KZ7SmM1
49 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=ww5H7KZ7SmM1
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=ww5H7KZ7SmM1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
getuid
ads.avct.cloud/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422413570171
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422413570171
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422413570171
Date
Sat, 23 Dec 2023 21:11:02 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ID1=87e35591-8df3-4747-abf4-1581f1cca478
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=87e35591-8df3-4747-abf4-1581f1cca478
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=d089631d2d&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=0b4fe10d-536f-4598-bca9-06a89b923b61&pubid=d089631d2d
49 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=0b4fe10d-536f-4598-bca9-06a89b923b61&pubid=d089631d2d
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=0b4fe10d-536f-4598-bca9-06a89b923b61&pubid=d089631d2d
date
Sat, 23 Dec 2023 21:11:02 GMT
server
Kestrel
content-length
227
396846.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=87e35591-8df3-4747-abf4-1581f1cca478
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f00f6766-b00d-0849-0ecf-a3937e898ea2
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f00f6766-b00d-0849-0ecf-a3937e898ea2
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 23 Dec 2023 21:11:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f00f6766-b00d-0849-0ecf-a3937e898ea2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
49 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
Date
Sat, 23 Dec 2023 21:11:02 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=87e35591-8df3-4747-abf4-1581f1cca478&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=87e35591-8df3-4747-abf4-1581f1cca478&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/2/8/2.gif?puid=5694220248042463684&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/7/3.gif?puid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/6/4.gif?puid=1c158477-681d-4934-afe1-16ac1db45bfb&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/441/5/5.gif?puid=u_2ab4177e-d807-4346-93e3-b095ac6c1218&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-07eeua3dzC7RunV9uA7F-YbLnO_uw_R1-n1azfNpIQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F4%2F6.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-07eeua3dzC7RunV9uA7F-YbLnO_uw_R1-n1azfNpIQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F4%2F6.gif%3Fp...
  • https://id5-sync.com/cq/434/124/4/6.gif?puid=fa2e2bb8-ddc7-4adf-9eda-4dda7fb9c513&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F3%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/3/7.gif?puid=d5062a18-833c-466f-857e-c319d2db3aba&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=5694220248042463684&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/434/1246/2/8.gif?puid=H3v2hPZHpRiHWZu3QaKVVlWe&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AABGyU7LDpoAABLqhLWj3g&id5AccountNum=155&numCascadesAllowed=9
0
0
ecm3
s.amazon-adsystem.com/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=87e35591-8df3-4747-abf4-1581f1cca478
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
96B51Y806VJYKJJKFQH4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=87880&dpuuid=87e35591-8df3-4747-abf4-1581f1cca478
dpm.demdex.net/ 		42 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=87e35591-8df3-4747-abf4-1581f1cca478
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.225.183.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-183-152.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-053936ea8.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
MkM51cc3QS0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5694220248042463684
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5694220248042463684
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
an-x-request-uuid
ddc9a5e0-2480-497f-9d1c-caf79ae4eccb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5694220248042463684
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ODdlMzU1OTEtOGRmMy00NzQ3LWFiZjQtMTU4MWYxY2NhNDc4
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1
49 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIUbUrXE-h9vgrZsl44fPFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=87e35591-8df3-4747-abf4-1581f1cca478
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D1c158477-681d-4934-afe1-16ac1db45bfb%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5694220248042463684&pt=1c158477-681d-4934-afe1-16ac1db45bfb%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5694220248042463684&pt=1c158477-681d-4934-afe1-16ac1db45bfb%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
an-x-request-uuid
960dc59e-8ab3-4eed-8c14-aa1c857070ff
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5694220248042463684&pt=1c158477-681d-4934-afe1-16ac1db45bfb%2C%2C
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/
Redirect Chain
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=87e35591-8df3-4747-abf4-1581f1cca478
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%26rnd%3D-1971223972&pcid=$UID
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=-1971223972&pcid=5694220248042463684
43 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=-1971223972&pcid=5694220248042463684
Protocol
H2
Server
108.139.29.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-15.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
iv002D4fAHbTovBRYLb-7Y9JKn5So9LFkHRnSPH4LfzA0pqh_L1tbA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
an-x-request-uuid
d0658e01-a4ec-4283-95f1-3d0767f0a43c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714&rnd=-1971223972&pcid=5694220248042463684
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&pi=sonobi
49 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&pi=sonobi
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&pi=sonobi
pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT, Sat, 23 Dec 2023 21:11:02 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EB28
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0b4fe10d-536f-4598-bca9-06a89b923b61&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=0b4fe10d-536f-4598-bca9-06a89b923b61&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=0b4fe10d-536f-4598-bca9-06a89b923b61&dongle=0cfd&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 21:11:02 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame EB28
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1NDA0NTg5OTU5MzAwMDc0NTUwOA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EB28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFshQh4RMHkYF3uzZll4mKc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFshQh4RMHkYF3uzZll4mKc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFshQh4RMHkYF3uzZll4mKc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB28
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1NDA0NTg5OTU5MzAwMDc0NTUwOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1NDA0NTg5OTU5MzAwMDc0NTUwOA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1NDA0NTg5OTU5MzAwMDc0NTUwOA%3D%3D
date
Sat, 23 Dec 2023 21:11:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame EB28 		0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2654045899593000745508&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E0CDEC49277442C6B2FC2FEF604DAAC9 Ref B: EWR311000104047 Ref C: 2023-12-23T21:11:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNM8UvztDunyvOGDKX2w==
xuid
eb2.3lift.com/ Frame EB28
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2654045899593000745508?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-0aNQVQpE2oSVcs1EbksvsoHnTmt8m_eTPxhsRp9iXg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0aNQVQpE2oSVcs1EbksvsoHnTmt8m_eTPxhsRp9iXg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 23 Dec 2023 21:11:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0aNQVQpE2oSVcs1EbksvsoHnTmt8m_eTPxhsRp9iXg--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame EB28
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2654045899593000745508&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3104645389375357453&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=44346e42-952c-4f1d-b0c0-0dc4ae970d46&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 23 Dec 2023 21:11:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame EB28
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNN&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=d5062a18-833c-466f-857e-c319d2db3aba&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=d5062a18-833c-466f-857e-c319d2db3aba&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=d5062a18-833c-466f-857e-c319d2db3aba&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNN
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2041153
content-length
0
expires
Sat, 23 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EB28
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5694220248042463684&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5694220248042463684&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
an-x-request-uuid
cf08277f-df9d-455a-8476-5002e9119592
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=5694220248042463684&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame EB28 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2654045899593000745508
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
an-x-request-uuid
23b28be7-cf79-4290-883d-c41d54713939
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame B67F 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1703365859900&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83a3984429c64bbb-BUF
cookie_sync
elb.the-ozone-project.com/ Frame B67F 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1703365859900&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
824426c63e0cb453909456435aedc5da0f5ad9d09be3a6091fb70b780a080841

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1703365859900&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83a39843bbbb541f-YYZ
expires
0
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a0...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5694220248042463684&gdpr=0&gdpr_consent=&gdpr=0&gd...
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5694220248042463684&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
an-x-request-uuid
de2450b6-a5b7-44eb-9f0d-9f8c946744fe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5694220248042463684&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%2...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5694220248042463684&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5694220248042463684&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
an-x-request-uuid
5f4c6350-ef04-438e-9bce-8dc9c7f488df
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5694220248042463684&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%2...
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=d5062a18-833c-466f-857e-c319d2db3aba
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=d5062a18-833c-466f-857e-c319d2db3aba
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=d5062a18-833c-466f-857e-c319d2db3aba
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
705688
content-length
0
expires
Sat, 23 Dec 2023 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT, Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame 0924 		0
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=e78622b7a2bbf1fc0ef9c6f517055de7
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-117.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
via
1.1 39d758eb6fbd8466b92ecd488bb7af24.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK52-P4
x-amz-cf-id
rN06QyjgyTMAdAOMx9Qs1WoPefKejRXIbsgMl8gXkPUSKqRr5KJA1g==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3104645389375357453&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=44346e42-952c-4f1d-b0c0-0dc4ae970d46&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=44346e42-952c-4f1d-b0c0-0dc4ae970d46&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=44346e42-952c-4f1d-b0c0-0dc4ae970d46&name=BIDSWITCH&gdpr=&gdpr_consent=
Date
Sat, 23 Dec 2023 21:11:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AABGyU7LDpoAABLqhLWj3g&name=BEESWAX
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AABGyU7LDpoAABLqhLWj3g&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AABGyU7LDpoAABLqhLWj3g&name=BEESWAX
Date
Sat, 23 Dec 2023 21:11:03 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=0b4fe10d-536f-4598-bca9-06a89b923b61&name=THE_TRADE_DESK
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=0b4fe10d-536f-4598-bca9-06a89b923b61&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=0b4fe10d-536f-4598-bca9-06a89b923b61&name=THE_TRADE_DESK
date
Sat, 23 Dec 2023 21:11:03 GMT
server
Kestrel
content-length
319
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De770...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=dd6356acd31e2554e5ebdf80ec405191&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=dd6356acd31e2554e5ebdf80ec405191&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

date
Sat, 23 Dec 2023 21:11:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=dd6356acd31e2554e5ebdf80ec405191&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
83a3984459b34bcd-BUF
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visit...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hNe1DwPoejGT14yxfWig&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hNe1DwPoejGT14yxfWig&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:03 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hNe1DwPoejGT14yxfWig&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
221
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=84bea3be-9a6a-4ed4-82b4-70603c56785b%20&gdpr_consent=null&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=84bea3be-9a6a-4ed4-82b4-70603c56785b%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=84bea3be-9a6a-4ed4-82b4-70603c56785b &gdpr_consent=null&gdpr=0
date
Sat, 23 Dec 2023 21:11:03 GMT
server
_
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 0924
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-crT7aatE2uVShnIhvU2o2ilpt.SrKwY-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-crT7aatE2uVShnIhvU2o2ilpt.SrKwY-~A&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 11:09:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-crT7aatE2uVShnIhvU2o2ilpt.SrKwY-~A&gdpr=0
date
Sat, 23 Dec 2023 21:11:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=hNe1DwPoejGT14yxfWig&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=hNe1DwPoejGT14yxfWig&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:03 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=hNe1DwPoejGT14yxfWig&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
225
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09f32204003d5f7a61d61315&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09f32204003d5f7a61d61315&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09f32204003d5f7a61d61315&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Sat, 23 Dec 2023 21:11:03 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0a85bc50-c7c1-5123-545e-ff63a719c296$ip$96.9.249.40&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0a85bc50-c7c1-5123-545e-ff63a719c296$ip$96.9.249.40&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0a85bc50-c7c1-5123-545e-ff63a719c296$ip$96.9.249.40&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Sat, 23 Dec 2023 21:11:03 GMT
Connection
keep-alive
Content-Length
217
Content-Type
text/html; charset=utf-8
pixel
ap.lijit.com/ Frame 0924 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 23 Dec 2023 21:11:03 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=f98a3f26-60c3-5366-bc0c-dd3cd98b91db&name=BETWEENX&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=f98a3f26-60c3-5366-bc0c-dd3cd98b91db&name=BETWEENX&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=f98a3f26-60c3-5366-bc0c-dd3cd98b91db&name=BETWEENX&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=5e8c4e84234d42378ed8c3dc5e8a15cf&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=5e8c4e84234d42378ed8c3dc5e8a15cf&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Date
Sat, 23 Dec 2023 21:11:03 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=5e8c4e84234d42378ed8c3dc5e8a15cf&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0924 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-121-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNT...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=20560212-405c-4749-873a-fe6447306cc7&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=20560212-405c-4749-873a-fe6447306cc7&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=20560212-405c-4749-873a-fe6447306cc7&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0924
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=f6556201-e2bb-4950-b3c4-8bf0b005c3c0&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=f6556201-e2bb-4950-b3c4-8bf0b005c3c0&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Sat, 23 Dec 2023 21:10:42 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=f6556201-e2bb-4950-b3c4-8bf0b005c3c0&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame 0924 		42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync.html
s.spotim.market/ Frame 067E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:974::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
af272b998f8044b154df649f67a34dc9e2bb5b40c29f5255d2c8ea57c113be06

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
695
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Dec 2023 21:11:02 GMT
Server
Spotim
X-Robots-Tag
noindex
/
hde.tynt.com/deb/ Frame 9FAD
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95...
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce9...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
8a4aac38ba3ca16e91281aac2595ca799657c3a94aad19b3899b9c3dcdd2eda1

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1710
content-type
text/html
date
Sat, 23 Dec 2023 21:11:02 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sat, 23 Dec 2023 21:11:02 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usync.html
eus.rubiconproject.com/ Frame 79B9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.250.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-250-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Dec 2023 21:11:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 23 Dec 2023 21:11:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame B226 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
a795acf616ecc04e3362e6b2abb864ebcbcd0627ec9acbdc8106d03594c9d10f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1303
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame D4F1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.250.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-250-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Dec 2023 21:11:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 23 Dec 2023 21:11:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 8033 		998 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.52 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
90913bdb9c4603692ff71c4ed35255f6e22cd667f1b30110e9a996894eff89ce

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
998
content-type
text/html
date
Sat, 23 Dec 2023 21:11:02 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 700D
Redirect Chain
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25...
  • https://ads.servenobid.com/sync?pid=312&uid=5694220248042463684&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%25...
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2622585069
  • https://sync.1rx.io/usersync/tradedesk/0b4fe10d-536f-4598-bca9-06a89b923b61
  • https://sync.targeting.unrulymedia.com/csync/RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-695d35c2-482e-48e8-b6d3-11693c4a20ea-00...
  • https://ads.servenobid.com/sync?pid=321&uid=RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-p...
  • https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redire...
  • https://ads.servenobid.com/sync?pid=317&uid=7567752064217675276&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%25...
  • https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%...
  • https://ads.servenobid.com/sync?pid=353&uid=3463674596634439000V10&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid...
  • https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%25...
  • https://ads.servenobid.com/sync?pid=310&uid=H3v2hPZHpRiHWZu3QaKVVlWe&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetu...
  • https://ads.servenobid.com/getsync?jp=5&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3D%23PMUID%26redirect%3Dhttps%253A%252F%252Fa...
0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C0BE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73035221&p=157206&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
998d17d292f09be5c4f7093929955bac378df59f5a780f4fbf949363dd60df9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 21:11:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame B226
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=48916587-4ce4-4200-b3a7-bcaeeeed88be&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=48916587-4ce4-4200-b3a7-bcaeeeed88be&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sat, 23 Dec 2023 21:11:03 GMT
Server
MT3 1237 600843f master ord ord-pixel-x1 config_version:"146"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=48916587-4ce4-4200-b3a7-bcaeeeed88be&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 23 Dec 2023 21:11:02 GMT
/
onetag-sys.com/match/ Frame B226
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5694220248042463684
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5694220248042463684
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
an-x-request-uuid
960deaed-11f2-4ef2-bab3-99e3ddacfbd5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5694220248042463684
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame B226
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:03 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=da57f0a534d0d67cd98127f4edbdce7&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703365863102037-304
tap.php
pixel.rubiconproject.com/ Frame B226 		42 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=em_BmT7tuJFla--_km7yVxCUBdovDGouQvYjz__gSfY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame B226
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4be80e63-d844-4d0b-b9a9-886e700fcf8c
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4be80e63-d844-4d0b-b9a9-886e700fcf8c
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:03 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4be80e63-d844-4d0b-b9a9-886e700fcf8c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
onetag-sys.com/match/ Frame B226
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=7567752064217675276
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=7567752064217675276
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=7567752064217675276
date
Sat, 23 Dec 2023 21:11:02 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame B226
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=fIMWacYKgrFEqBAgzEFJr-ejJPoBFE1KPBvBonKw3m8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=fIMWacYKgrFEqBAgzEFJr-ejJPoBFE1KPBvBonKw3m8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FZ9A8PN4QKTNV07ETCNH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=fIMWacYKgrFEqBAgzEFJr-ejJPoBFE1KPBvBonKw3m8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
visitor.omnitagjs.com/visitor/ Frame B226 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=em_BmT7tuJFla--_km7yVxCUBdovDGouQvYjz__gSfY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame DEA5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCR3lVN0xEcG9BQUJMcWhMV2ozZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AABGyU7LDpoAABLqhLWj3g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABGyU7LDpoAABLqhLWj3g&pid=558502&do=add&gd...
  • https://sync.technoratimedia.com/services?uid=AABGyU7LDpoAABLqhLWj3g&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_syn...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABGyU7LDpoAABLqhLWj3g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7567752064217675276&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABGyU7LDpoAABLqhLWj3g&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABGyU7LDpoAABLqhLWj3g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 21:11:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 23 Dec 2023 21:11:04 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABGyU7LDpoAABLqhLWj3g&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0CC7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5694220248042463684&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=64502748375613eb&is_secure=true&networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXpwMk_u4fAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&...
42 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXpwMk_u4fAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 21:11:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Sat, 23 Dec 2023 21:11:03 GMT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXpwMk_u4fAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
141
match.deepintent.com/usersync/ Frame 02F8 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Sat, 23 Dec 2023 21:11:02 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 938B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYdM5wAJJDs0hgBd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157206&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 23 Dec 2023 21:11:03 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4569-YYZ
x-timer
S1703365863.226188,VS0,VE21

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sat, 23 Dec 2023 21:11:03 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYdM5wAJJDs0hgBd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4569-YYZ
x-timer
S1703365863.186928,VS0,VE20
insync
thrtle.com/ Frame C0BE
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&vxii_pid=12&vxii_pid1=10067&vxii_rcid=82460003-48cb-4c49-a65e-994e0c3969c3
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&vxii_pid=12&vxii_pid1=10067&vxii_rcid=82460003-48cb-4c49-a65e-994e0c3969c3
Protocol
H2
Server
52.200.3.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-3-94.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sat, 23 Dec 2023 21:11:03 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&vxii_pid=12&vxii_pid1=10067&vxii_rcid=82460003-48cb-4c49-a65e-994e0c3969c3
date
Sat, 23 Dec 2023 21:11:03 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame C0BE 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame C0BE 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.240.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-240-135.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame C0BE 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.25.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-25-82.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 23 Dec 2023 21:11:02 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C0BE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-crT7aatE2uVShnIhvU2o2ilpt.SrKwY-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-crT7aatE2uVShnIhvU2o2ilpt.SrKwY-~A&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 11:07:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-crT7aatE2uVShnIhvU2o2ilpt.SrKwY-~A&gdpr=0
date
Sat, 23 Dec 2023 21:11:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame C0BE
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=16165cd0ff66116c&is_secure=true&networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXpANbD26VAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&...
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 21:11:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame C0BE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2d69c003-0441-4838-bfb1-76c558b7499b&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3ed06aec411b0fbd&is_secure=true&networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHapiq2uSApQMmSwwNAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&...
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHapiq2uSApQMmSwwNAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHapiq2uSApQMmSwwNAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sn.ashx
pmp.mxptint.net/ Frame C0BE
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10E294661_642F5A8D&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-386370663; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sat, 23 Dec 2023 21:11:03 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-386370663; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame C0BE 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.119.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-119-165.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C0BE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2665424737501304248&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5676a4b266791062&is_secure=true&networkId=17100&version=1&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXqANXRF6aAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&...
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXqANXRF6aAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGTJpYAwnXqANXRF6aAAAAAAA&expiration=1703452263&nuid=A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame D4F1 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.250.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-250-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 21:11:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 12:00:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53328
Connection
keep-alive
Content-Length
13200
Expires
Sun, 24 Dec 2023 11:59:51 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 8033 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=7567752064217675276&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 8033
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=e78622b7a2bbf1fc0ef9c6f517055de7&gdpr=0&gdpr_consent=0
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=e78622b7a2bbf1fc0ef9c6f517055de7&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.120 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=e78622b7a2bbf1fc0ef9c6f517055de7&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
5
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 8033
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d5062a18-833c-466f-857e-c319d2db3aba&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d5062a18-833c-466f-857e-c319d2db3aba&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.120 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d5062a18-833c-466f-857e-c319d2db3aba&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1092885
content-length
0
expires
Sat, 23 Dec 2023 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8033
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5694220248042463684&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5694220248042463684&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.120 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
an-x-request-uuid
55565bde-1a23-4e9d-891a-cd01a7c473ca
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5694220248042463684&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.40; 96.9.249.40; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8033
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=tYLedLfUg3au09Eg5tHLdrXThXuu1d8ntYY8-YBf
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=tYLedLfUg3au09Eg5tHLdrXThXuu1d8ntYY8-YBf
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.120 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=tYLedLfUg3au09Eg5tHLdrXThXuu1d8ntYY8-YBf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 79B9 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.250.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-250-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 21:11:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 12:00:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53328
Connection
keep-alive
Content-Length
13200
Expires
Sun, 24 Dec 2023 11:59:51 GMT
usync.html
eus.rubiconproject.com/ Frame 8BC4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.250.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-250-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Dec 2023 21:11:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 23 Dec 2023 21:11:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 55C6
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1703365863199.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33905
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 23 Dec 2023 21:11:03 GMT
expires
Sun, 24 Dec 2023 06:36:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sat, 23 Dec 2023 21:11:02 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP002
x-33x-status
40000000008200000A
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 9FAD
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1703365863199.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212299388733440&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212299388733440&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212299388733440&gdpr=0&gdpr_consent=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9FAD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=978477422413570171&expires=30&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=44346e42-952c-4f1d-b0c0-0dc4ae970d46
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=44346e42-952c-4f1d-b0c0-0dc4ae970d46&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=44346e42-952c-4f1d-b0c0-0dc4ae970d46&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=44346e42-952c-4f1d-b0c0-0dc4ae970d46&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9FAD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-HWjW.JJE2uEOmVnXJldlEjrtGyMLaAdw~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-HWjW.JJE2uEOmVnXJldlEjrtGyMLaAdw%7EA&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-HWjW.JJE2uEOmVnXJldlEjrtGyMLaAdw%7EA&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-HWjW.JJE2uEOmVnXJldlEjrtGyMLaAdw%7EA&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9FAD
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=18cbda428242116c&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAF0gjGvVXNrwMFtNlgAAAAAAA&expiration=1703452263&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF0gjGvVXNrwMFtNlgAAAAAAA&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF0gjGvVXNrwMFtNlgAAAAAAA&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF0gjGvVXNrwMFtNlgAAAAAAA&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9FAD
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2654045899593000745508
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2654045899593000745508&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2654045899593000745508&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2654045899593000745508&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
getuid
eb2.3lift.com/ Frame 1C3A 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D95A32625EDA3DCE9%26sp%3D750078%26pb%3D612004%26c%3D649285%26a%3D644680%26domain%3Dvisitor.omnitagjs.com&gdpr=0&gdpr_consent={gdpr_consent}
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Sat, 23 Dec 2023 21:11:03 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0C1C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D95A32625EDA3DCE9%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33905
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 23 Dec 2023 21:11:03 GMT
expires
Sun, 24 Dec 2023 06:36:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
visitor.omnitagjs.com/visitor/ Frame 96A9 		49 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=f751b669e81c5999&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Sat, 23 Dec 2023 21:11:03 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
5
csync
sync.spotim.market/ Frame 067E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D%26traffic_source%3Dsnippet%26session%3D...
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=9c1797cf-c4d5-0dc0-3a3a-e375c6492df7&traffic_source=snippet&session=95A32625EDA3DCE9&sp=750078&pb=612004&c=656033&a=482928&domain=visitor.omnit...
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=9c1797cf-c4d5-0dc0-3a3a-e375c6492df7&traffic_source=snippet&session=95A32625EDA3DCE9&sp=750078&pb=612004&c=656033&a=482928&domain=visitor.omnitagjs.com
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 21:11:02 GMT
Server
Spotim
Etag
f751b669e81c5999
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=9c1797cf-c4d5-0dc0-3a3a-e375c6492df7&traffic_source=snippet&session=95A32625EDA3DCE9&sp=750078&pb=612004&c=656033&a=482928&domain=visitor.omnitagjs.com
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
usync.js
eus.rubiconproject.com/ Frame 8BC4 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.250.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-250-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 21:11:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 12:00:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53328
Connection
keep-alive
Content-Length
13200
Expires
Sun, 24 Dec 2023 11:59:51 GMT
khaos.json
token.rubiconproject.com/ Frame D4F1 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQIK1X6U-1H-9UYC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
961e708718863ce5d2a91761d33d869a
Expires
0
khaos.json
token.rubiconproject.com/ Frame 79B9 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQIK1X6U-1H-9UYC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame D4F1
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQIK1X6U-1H-9UYC
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQIK1X6U-1H-9UYC&name=RUBICON&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQIK1X6U-1H-9UYC&name=RUBICON&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
3.17.215.181 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-215-181.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:03 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQIK1X6U-1H-9UYC&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1da0c96602e9a1076eae4f5554c05cf3
Expires
0
events
api.permutive.com/v2.0/batch/ 		201 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=359ba275-5edd-4756-84f8-21a24369ce0b
Requested by
Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/5e9d20c89bd33a6ba705/graun.standalone.commercial.js?http3=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
38763cd7ef72a5540ccdf7352e803ad34a9f332886d14b3611a7ec646f21d697

Request headers

Referer
https://www.theguardian.com/science/2023/dec/23/prehistoric-handprints-finger-missing-ritually-removed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.theguardian.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
khaos.json
token.rubiconproject.com/ Frame 8BC4 		7 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQIK1X6U-1H-9UYC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
match
events-ssc.33across.com/ Frame 8BC4
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LQIK1X6U-1H-9UYC
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQIK1X6U-1H-9UYC
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIK1X6U-1H-9UYC&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIK1X6U-1H-9UYC&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&us_privacy=1YNN
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:11:03 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:02 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIK1X6U-1H-9UYC&ts=1703365863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
setuid
elb.the-ozone-project.com/ Frame B67F
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=&loc=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[UID]
  • https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=87e35591-8df3-4747-abf4-1581f1cca478
0
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=87e35591-8df3-4747-abf4-1581f1cca478
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1703365859900&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a3984eb982541f-YYZ
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://elb.the-ozone-project.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=87e35591-8df3-4747-abf4-1581f1cca478
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame B67F
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2654045899593000745508
0
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2654045899593000745508
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1703365859900&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a3984f4a3a541f-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2654045899593000745508
date
Sat, 23 Dec 2023 21:11:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
elb.the-ozone-project.com/ Frame B67F
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H3v2hPZHpRiHWZu3QaKVVlWe
0
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H3v2hPZHpRiHWZu3QaKVVlWe
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1YNN&publisherId=OZONEGMG0001&siteId=4204204209&cb=1703365859900&bidder=ozone
Protocol
H2
Server
172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 21:11:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a3984fdaef541f-YYZ
content-length
0
expires
0

Redirect headers

Date
Sat, 23 Dec 2023 21:11:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H3v2hPZHpRiHWZu3QaKVVlWe
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
prebid
sync.inmobi.com/ Frame B67F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi
Domain
id5-sync.com
URL
https://id5-sync.com/k/155.gif?puid=AABGyU7LDpoAABLqhLWj3g&id5AccountNum=155&numCascadesAllowed=9
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3D%23PMUID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D6%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{ID5UID}

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture object| guardian function| guardianPolyfilled object| curlConfig object| curl object| webpackChunk_guardian_dotcom_rendering object| guCmpHotFix function| guardianPolyfilledImport function| __uspapi object| _sp_queue object| _sp_ object| webpackChunk_guardian_commercial object| fastdom object| _sp_wp_jsonp object| googletag object| permutive object| apstag object| _comscore object| teads_analytics function| twq object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| pbjsChunk object| pbjs object| _pbjsGlobals object| google_tag_data function| ga object| gaplugins string| GoogleAnalyticsObject object| gaGlobal object| gaData object| _aps boolean| apstagLOADED object| apscustom object| confiant boolean| creativeVendorLibraryLoaded object| COMSCORE object| ns_p object| regeneratorRuntime object| twttr object| brandmetrics function| __assign object| _brandmetrics object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| recaptcha object| closure_lm_6282 function| __spreadArray object| apntag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| Criteo object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_145 object| Criteo_prebid_145 object| GoogleGcLKhOms object| google_image_requests

259 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09APYnBZVBgpWPPzsJfsc7XJSL-Wy5jzjmroRMqsxrHRCVTyMZXTPVAUTj8Ux9x0YSy2Oph2eBdcZu5-FZwpaj2PU
.3lift.com/sync Name: sync
Value: CgoIoQEQjcyRxMkxCgoIkQIQjcyRxMkxCgoItAIQjcyRxMkxCgoI5gEQjcyRxMkxCgoIhwIQjcyRxMkxCgoItwIQjcyRxMkxCgkIOhCNzJHEyTEKCgiMAhCNzJHEyTEKCQhfEI3MkcTJMQoJCB8QjcyRxMkx
.theguardian.com/ Name: GU_mvt_id
Value: 104497
www.theguardian.com/ Name: GU_geo_country
Value: US
.theguardian.com/ Name: dnsDisplayed
Value: undefined
.theguardian.com/ Name: ccpaApplies
Value: true
.theguardian.com/ Name: signedLspa
Value: undefined
.theguardian.com/ Name: bwid
Value: idFromPV_CHCuxoj0tMd4ELVy80R3sA
.theguardian.com/ Name: bwid_withoutSameSiteForIncompatibleClients
Value: idFromPV_CHCuxoj0tMd4ELVy80R3sA
.theguardian.com/ Name: ccpaUUID
Value: e469a3a2-3c1e-4762-bd25-a316a13b9581
.theguardian.com/ Name: _ga
Value: GA1.2.680112568.1703365858
.theguardian.com/ Name: _gid
Value: GA1.2.639165937.1703365858
.theguardian.com/ Name: _gat_allEditorialPropertyTracker
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1C38137a34743d2011d93601703365858
.theguardian.com/ Name: permutive-id
Value: a1119938-b1bf-4d03-9658-9d8110482a88
.t.co/ Name: muc_ads
Value: 51729bfa-3d4b-4cf4-ac1a-2f01deaf03ad
.twitter.com/ Name: personalization_id
Value: "v1_ArfGO4q69559/9olXLme1A=="
.d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co/ Name: pxid
Value: c8949c35-5353-4b16-a936-826e7b9c64c2
.doubleclick.net/ Name: IDE
Value: AHWqTUmGjYoLvPyzhkDPrNFHbum05XU_hVsXXTepgPbIvtfpuIIBXsejHyFAzr5jjxs
.theguardian.com/ Name: __gads
Value: ID=6c33941a177814af:T=1703365859:RT=1703365859:S=ALNI_MaoaPgeIF2_kbmLIAwJ8JmAHnrTGw
.theguardian.com/ Name: __gpi
Value: UID=00000a047f87ac8a:T=1703365859:RT=1703365859:S=ALNI_MZaMznZ7t61lt7UyFl4CL0sgpQI-Q
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: e78622b7a2bbf1fc0ef9c6f517055de7
.3lift.com/ Name: tluid
Value: 2654045899593000745508
.go.sonobi.com/ Name: __uis
Value: 87e35591-8df3-4747-abf4-1581f1cca478
.go.sonobi.com/ Name: _usd_theguardian.com
Value: lqik1vgtl9q9iyj74x0f
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 30831059
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 30831059
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 30831059
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 30831059
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 30831059
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 30831059
.kargo.com/ Name: ktcid
Value: 09f1abc4-4429-0e4c-14ab-ef110000f985
.amazon-adsystem.com/ Name: ad-id
Value: A6agFMsWi0dfo7UiTmdS7ic
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMID
Value: ZYdM4wBFfCm4F5-5eTt5igAA
.casalemedia.com/ Name: CMPS
Value: 3683
.casalemedia.com/ Name: CMPRO
Value: 3683
.adnxs.com/ Name: uuid2
Value: 5694220248042463684
.smartadserver.com/ Name: pid
Value: 7567752064217675276
.go.sonobi.com/ Name: __uqc
Value: 1
.yellowblue.io/ Name: wrvUserID
Value: 2WCbBOS-kp_s
.openx.net/ Name: i
Value: 76652759-d4cd-01de-0b60-eb882335dc87|1703365859
.lijit.com/ Name: ljt_reader
Value: H3v2hPZHpRiHWZu3QaKVVlWe
.openx.net/ Name: pd
Value: v2|1703365859|vMgavPkWgy
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyMjE0NjU3MDQ3FOIz1K0w1y1wzUnR9Us1NQUAcLnpPCQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyMjE0NjU3MDQ3FOIz1K0w1y1wzUnR9Us1NQUAcLnpPCQAAAA
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjIzU7IyNDcwMTU3NTG11FGyMEblGxoYoSkwR%2BUbQQwwNjGwNDC1rAUAryMQog%3D%3D
.adform.net/ Name: C
Value: 1
.go.sonobi.com/ Name: __uin_an
Value: 5694220248042463684
.go.sonobi.com/ Name: __uin_zt
Value: 978477422413570171
.contextweb.com/ Name: V
Value: ww5H7KZ7SmM1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9c26cc021786b8aa
.the-ozone-project.com/ Name: __cf_bm
Value: vuez1KpK1FcYwiE_zLtGaUtHHBwqxv93JAHgIBccU0M-1703365859-1-AeV79ljU7gb0ZozyQ86J4Q/T5w35AG//42EMfiyHYiqu+tpg4vWMszizQEQOshLJ0QJrBbe5nrpZ0rtoCkkHkMQ=
.go.sonobi.com/ Name: __uin_eb
Value: CAESEIUbUrXE-h9vgrZsl44fPFg||1
.adform.net/ Name: uid
Value: 3104645389375357453
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0a85bc50-c7c1-5123-545e-ff63a719c296.o8wo905Cjmk1PwEW5BA7o%2F8xPDEJ%2F8jKGOyzwXR8Gi0
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0a85bc50-c7c1-5123-545e-ff63a719c296.o8wo905Cjmk1PwEW5BA7o%2F8xPDEJ%2F8jKGOyzwXR8Gi0
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACoW8UMfBUSNUXv9jpxnClmAJ-Sg.RuHCbO5TnBck8%2F2VQKwO41BY2dc9o2BXEYCEIDw8cTg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACoW8UMfBUSNUXv9jpxnClmAJ-Sg.RuHCbO5TnBck8%2F2VQKwO41BY2dc9o2BXEYCEIDw8cTg
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILgOcmwQcY_98Qc2ffI2bgWNwMVl7_2PpXvOXyHlKEV_EHwYBCDjmZ2sBjABOgQ8w7t9QgRRI--m.Jyjbg2YbEIV4TebQAkNjppdGtI0yblwo8b22R6x1T%2Bo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILgOcmwQcY_98Qc2ffI2bgWNwMVl7_2PpXvOXyHlKEV_EHwYBCDjmZ2sBjABOgQ8w7t9QgRRI--m.Jyjbg2YbEIV4TebQAkNjppdGtI0yblwo8b22R6x1T%2Bo
.yieldmo.com/ Name: yieldmo_id
Value: 3z3NqxxffNx8Uzl2joWy%7C1703289600000%7C0
.adsrvr.org/ Name: TDID
Value: 0b4fe10d-536f-4598-bca9-06a89b923b61
.demdex.net/ Name: demdex
Value: 10612839094976021412705096220178603880
.ads.stickyadstv.com/ Name: UID
Value: da57f0a534d0d67cd98127f4edbdce7
.bidswitch.net/ Name: c
Value: 1703365859
.bidswitch.net/ Name: tuuid
Value: 44346e42-952c-4f1d-b0c0-0dc4ae970d46
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: 2dfa34bc-acb5-4dde-8438-23483d48ac53
.yahoo.com/ Name: A3
Value: d=AQABBONMh2UCEA9LdnYs3TN39rlTQ0N4EkQFEgEBAQGeiGWRZdxH0iMA_eMAAA&S=AQAAAgeO9OEzAPpH2QasWRZK3Pk
.mathtag.com/ Name: uuid
Value: 48916587-4ce4-4200-b3a7-bcaeeeed88be
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
.admanmedia.com/ Name: admtr
Value: 4be80e63-d844-4d0b-b9a9-886e700fcf8c
.admanmedia.com/ Name: ac_r
Value: CS253
.bidr.io/ Name: bito
Value: AABGyU7LDpoAABLqhLWj3g
.bidr.io/ Name: bitoIsSecure
Value: ok
.go.sonobi.com/ Name: __uin_st
Value: CoW8UMfBUSNUXv9jpxnClmAJ-Sg
.media.net/ Name: visitor-id
Value: 3463674596634439000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.dpm.demdex.net/ Name: dpm
Value: 10612839094976021412705096220178603880
.acuityplatform.com/ Name: auid
Value: 868538562852
.33across.com/ Name: 33x_ps
Value: u%3D212299388733440%3As1%3D1703365859974%3Ats%3D1703365859974
.openx.net/ Name: univ_id
Value: 537072971|0b4fe10d-536f-4598-bca9-06a89b923b61|1703365859967401
.go.sonobi.com/ Name: __uin_pp
Value: ww5H7KZ7SmM1
.krushmedia.com/ Name: krm_usr
Value: 2ecb532f-43f0-5a82-a25d-38643f2e3011
.lijit.com/ Name: _ljtrtb_66
Value: 868538562852
.mfadsrvr.com/ Name: tuuid
Value: 41de5bf8-d8bf-495b-b66a-9ed98b7a3087
.mfadsrvr.com/ Name: c
Value: 1703365860
.mfadsrvr.com/ Name: tuuid_lu
Value: 1703365860
.bidswitch.net/ Name: tuuid_lu
Value: 1703365860
.pippio.com/ Name: did
Value: ep1GMWG_Ryq3WarZ
.pippio.com/ Name: didts
Value: 1703365860
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: COSZnawGEgYIgr0rEAA=
.tapad.com/ Name: TapAd_TS
Value: 1703365860064
.tapad.com/ Name: TapAd_DID
Value: 1c158477-681d-4934-afe1-16ac1db45bfb
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDINY2uDARK5EzKscez5rY4&KRTB&23025-CAESEDINY2uDARK5EzKscez5rY4&KRTB&23386-CAESEDINY2uDARK5EzKscez5rY4
.creativecdn.com/ Name: u
Value: cWZYvrgX5XI04uVIzovk
.creativecdn.com/ Name: g
Value: cWZYvrgX5XI04uVIzovk_1703365860044
.creativecdn.com/ Name: ts
Value: 1703365860
.krushmedia.com/ Name: krm_r
Value: 572|482
.lijit.com/ Name: _ljtrtb_87
Value: 41de5bf8-d8bf-495b-b66a-9ed98b7a3087
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-0b4fe10d-536f-4598-bca9-06a89b923b61&KRTB&22918-0b4fe10d-536f-4598-bca9-06a89b923b61&KRTB&22926-0b4fe10d-536f-4598-bca9-06a89b923b61&KRTB&23031-0b4fe10d-536f-4598-bca9-06a89b923b61
.csync.loopme.me/ Name: viewer_token
Value: 84bea3be-9a6a-4ed4-82b4-70603c56785b
.simpli.fi/ Name: suid
Value: B0E86E2759B948DD8B2C3AF0A9CA22FF
.go.sonobi.com/ Name: __uir_bw
Value: 132418394431844820
.go.sonobi.com/ Name: __uin_bw
Value: 44346e42-952c-4f1d-b0c0-0dc4ae970d46
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:B0E86E2759B948DD8B2C3AF0A9CA22FF&KRTB&23486-uid:B0E86E2759B948DD8B2C3AF0A9CA22FF&KRTB&23489-uid:B0E86E2759B948DD8B2C3AF0A9CA22FF&KRTB&23539-uid:B0E86E2759B948DD8B2C3AF0A9CA22FF
.turn.com/ Name: uid
Value: 2665424737501304248
.linkedin.com/ Name: li_sugr
Value: 5191f927-25df-4c75-a9f3-dcf6c954eaa7
.linkedin.com/ Name: bcookie
Value: "v=2&ef734d82-a35e-4688-8a84-a93052fd11da"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3212:u=1:x=1:i=1703365860:t=1703452260:v=2:sig=AQE9cuElkUjn6FNt8zrnWswi_9V786tc"
.go.sonobi.com/ Name: __uin_rh
Value: 7DlO62PH09rCeC53-vDmj9R5CYPoBztwsfAc4Gg5qac
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adx.opera.com/ Name: UID
Value: OPU6a719b07b6f445c4a5745c48eeb7cff5
.rubiconproject.com/ Name: khaos
Value: LQIK1X6U-1H-9UYC
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005%22%7D
.lijit.com/ Name: ljtrtb
Value: eJwNysENwCAMBLBd8m4kCuS4dBuiwBJVdy9fy68A8ghBazRUWpVLOI71O5fFpiZja3cLDWCqr3TGmK2c9v3uhA%2Fz
.lijit.com/ Name: _ljtrtb_83
Value: LQIK1XFL-J-GJDI
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 466e6bfe-6474-4dac-bb10-a6d267121929
.prebid.a-mo.net/ Name: sd_amuid2
Value: 466e6bfe-6474-4dac-bb10-a6d267121929
.hb.yahoo.net/ Name: visitor-id
Value: 3463674606634432000V10
.hb.yahoo.net/ Name: data-mag
Value: LQIK1X6U-1H-9UYC~~63
.primis.tech/ Name: csuuid
Value: 65874ce4e7ecd
.ipredictive.com/ Name: cu
Value: 2d69c003-0441-4838-bfb1-76c558b7499b|1703365861382
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: 5YMxk933dQ
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1703365861627
.doubleclick.net/ Name: APC
Value: AfxxVi5f6B6cOSIO87LYoSKN51n0d3ypRSJUmi7x_kdhC1m_uHqboQ
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQFGJhBFVIqYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBRiYQRVSKj3RoaXJkUGFydHlVc2VySWRXSDN2MmhQWkhwUmlIV1p1M1FhS1ZWbFdl+4A0+kLIQyUBRiYQRgy6RCUBRiYQRgy6RVpDQUVTRU50dzNzY1RFbmFGMHJxZlZDRV9zMlX7+4Z2ZXJzaW9uwvs="
.adnxs.com/ Name: XANDR_PANID
Value: rnroyE5ojRFlvfKZn774QRskAd7zjay3Fsz6rql-KRgs9X3oa9RJR_tBm08Rep-66lDMWxwFRi40D8LkgrKZP_NhJqRlNXcDXKzAjEmx32U.
.mfadsrvr.com/ Name: ssh
Value: !google,1703365861!sovrn,1703365860
.go.sonobi.com/ Name: HAPLB8G
Value: s85144|ZYdM6
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: d5062a18-833c-466f-857e-c319d2db3aba
.zemanta.com/ Name: zuid
Value: hNe1DwPoejGT14yxfWig
.mediago.io/ Name: __mguid_
Value: f5ef61caad3321292qdpuk00lqik1ypn
.quantserve.com/ Name: mc
Value: 65874ce5-d7cef-56dc8-b9d61
.adkernel.com/ Name: ADKUID
Value: A6508938693885992533
cs.chocolateplatform.com/ Name: sp_cookie
Value: sp-34d3b8d579034d83a2bd9aa550b361f1
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A6508938693885992533
.tribalfusion.com/ Name: ANON_ID
Value: aQntuJo0P8fCmTN82fURBnfZcSZa73nUjZaJvW9T41xYLuEn6IU4QRVXpV57GkZcNtTcbKm3XmlRl74qN7gr6e4xPm82
.criteo.com/ Name: partitioned_bundle
Value: qWVFSV84Y01yVlV6d2ZjaXBGbGZiczVXSWxmUzZmMzN3cHhJbWRLY0I3OUVTMFBQVXVDWmtDaWo3bFltRDl3M1clMkZVbFZmaEtxeXVOVDdEbGRuMmtONkRUVkt1eklsSnNFemtNN00lMkJZd2Qxa1phc0RMeDJUc1hPT2NqS0JqNGxpNjZ2dDhmTXRQRGxHOUZTVHVZZkZ3ZlVSaU9Gc2lEQ0ZZSzZRNklPNFlldzFBRDdiRkpMZHlyJTJCSUFHUWloZUF3UWtMMzc
.theguardian.com/ Name: cto_bundle
Value: 1Ru0_184Y01yVlV6d2ZjaXBGbGZiczVXSWxmUzZmMzN3cHhJbWRLY0I3OUVTMFBQVXVDWmtDaWo3bFltRDl3M1clMkZVbFZmaEtxeXVOVDdEbGRuMmtONkRUVkt1eklsSnNFemtNN00lMkJZd2Qxa1phc0RMeDJUc1hPT2NqS0JqNGxpNjZ2dDhyOVElMkJlOWwxVWp1ZGltQThRVFNVa1ElM0QlM0Q
.c.appier.net/ Name: _auid
Value: k1DyHuDECh6ZJjWL5kyHZQ
.c.appier.net/ Name: _gu
Value: CAESELfANzRFekn2vjbCdHleafs
.rlcdn.com/ Name: pxrc
Value: COOZnawGEgUI6AcQABIFCOhHEAASBgi46wEQAw==
.adnxs.com/ Name: anj
Value: dTM7k!M40*e8)4*ghqdmU(7TBp%=to#?nI3N:uKgRe4r:[f-zyRnu7%R^/>_ep'4_Q:Ts3wr!kM-sg1ckyMQeFCok$0Kc<2(EfKVf1^.5eCoJYpnqv%D5Bp^pg5h3+]2lF#NV8:Oi3jrNT781glfWLe:5_Tif_cycvigDe:6?T9NwdP@AvW'!x#EO0Na^'
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRSUsxWDZVLTFILTlVWUMiLCJleHBpcmVzIjoiMjAyNC0wMy0yMlQyMToxMTowMFoifSwidHJpcGxlbGlmdF9uYXRpdmUiOnsidWlkIjoiMjY1NDA0NTg5OTU5MzAwMDc0NTUwOCIsImV4cGlyZXMiOiIyMDI0LTAzLTIyVDIxOjExOjAyWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEyLTIzVDIxOjExOjAwWiJ9
.the-ozone-project.com/ Name: ozone_uid
Value: 2ZxZoHTLQFP6di11mR0kdEDNEmr
.go.sonobi.com/ Name: __uir_zt
Value: 132418390136877527
.go.sonobi.com/ Name: __uir_pp
Value: 132418390136877527
.go.sonobi.com/ Name: __uir_an
Value: 132418390136877527
.go.sonobi.com/ Name: __uir_st
Value: 132418390136877527
.go.sonobi.com/ Name: __uir_eb
Value: 132418390136877527
.go.sonobi.com/ Name: __uir_td
Value: 132418407316746711
.go.sonobi.com/ Name: __uin_td
Value: 0b4fe10d-536f-4598-bca9-06a89b923b61
.go.sonobi.com/ Name: __uir_rh
Value: 132418394431844823
.intentiq.com/ Name: IQSonobiCookieSync
Value: 1703365863035_1949338975_357
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1703365863035_0_357
.ads.pubmatic.com/ Name: KCCH
Value: YES
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8589-2!8589
.rlcdn.com/ Name: rlas3
Value: J6WOC1zspUTMhd/A+UYTBCyoPhDZXgerPcF/PLYDVaE=
.onetag-sys.com/ Name: OTP
Value: fIMWacYKgrFEqBAgzEFJr-ejJPoBFE1KPBvBonKw3m8
.pubmatic.com/ Name: DPSync3
Value: 1704499200%3A259_201_263_262_261_260%7C1703376000%3A248%7C1703894400%3A265
.pubmatic.com/ Name: pi
Value: 159706:3
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUekliWjNVIzEwMTM5XzAmVHpJYlpTMw
.intentiq.com/ Name: IQPData
Value: 1611266344#1703365863150#0#1703365861625
.tynt.com/ Name: uid
Value: 64DgdmWHTOfrDlAxOaPOTQ==
.quantserve.com/ Name: d
Value: ED0BEAHdKoEP6b0Q
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5694220248042463684&KRTB&23339-5694220248042463684
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-2d69c003-0441-4838-bfb1-76c558b7499b&KRTB&23011-2d69c003-0441-4838-bfb1-76c558b7499b&KRTB&23355-2d69c003-0441-4838-bfb1-76c558b7499b
.pubmatic.com/ Name: SPugT
Value: 1703329655
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2665424737501304248&KRTB&23150-2665424737501304248&KRTB&23527-2665424737501304248
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1703365863199%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1703365863199%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1703365863199%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1703365863199%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1703365863199%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1703365863199%7D%5D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYdM5wAJJDs0hgBd
.smilewanted.com/ Name: sw_user_params_infos
Value: 8sdRREvsw7LjLys0YvGw84N8vhdUnwLf4aSdUXzjsMjnvpF7eYi8ByVZptUSASNpU1g3xeGA%2FfqxZ7Ye0X3eNgETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6jnIKDJkGjCUhoBQ9RrJZ5A%3D%3D
.spotim.market/ Name: vmuid
Value: f751b669e81c5999
.deepintent.com/ Name: CDIUSER
Value: di_fc31e2717f4642358271d
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231223%22%7D
.pubmatic.com/ Name: SyncRTB3
Value: 1704499200%3A250_71_220_21_13_54%7C1703894400%3A223%7C1703808000%3A15
.mxptint.net/ Name: mxpim
Value: R35CAB_10E294661_642F5A8D.1.000000000000000065874CE7
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: f98a3f26-60c3-5366-bc0c-dd3cd98b91db
.betweendigital.com/ Name: ss
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2frx:18vk~2frx:19e0~2frx:18z8~2frx:190u~2frx"
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CAB_10E294661_642F5A8D&KRTB&23092-R35CAB_10E294661_642F5A8D
.betweendigital.com/ Name: ut
Value: ZYdM5wAEGshhuFa-Lxh8LMkcgIYyQxcVeiUndw==
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd984cSmD72HtjKhbdS4cMOLe7nUhmyIdDwJYx2DugQuUrH8ajv0v8keGPpt4xRsrMC4Q2
.thrtle.com/ Name: mc
Value: eyJpZCI6IjgyNDYwMDAzLTQ4Y2ItNGM0OS1hNjVlLTk5NGUwYzM5NjljMyIsImwiOjE3MDMzNjU4NjMyNzksInQiOjF9
.servenobid.com/ Name: pid_312
Value: 5694220248042463684
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtobmBsbGZqYWZsZGmyShTBN7I0MgcAhrXOwiAAAAA
.postrelease.com/ Name: visitor
Value: 20560212-405c-4749-873a-fe6447306cc7
.postrelease.com/ Name: status
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 5676a4b266791062
.bfmio.com/ Name: __187_cid
Value: A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
.bfmio.com/ Name: __io_cid
Value: 7a89b9fa5cdcc5447164e3645441870d1ef3f900
.id5-sync.com/ Name: id5
Value: 7e4aba30-2d27-7227-a35e-76db00f2a95e#1703365863193#2
.adotmob.com/ Name: uid
Value: 09f32204003d5f7a61d61315
.adotmob.com/ Name: uuid
Value: 09f32204003d5f7a61d61315
.adotmob.com/ Name: partners
Value: AYL%3A1703365863313
.pubmatic.com/ Name: PugT
Value: 1703365863
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGTJpYAwnXqANXRF6aAAAAAAA&KRTB&22713-AAAGTJpYAwnXqANXRF6aAAAAAAA&KRTB&22715-AAAGTJpYAwnXqANXRF6aAAAAAAA&KRTB&23519-AAAGTJpYAwnXqANXRF6aAAAAAAA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ops|4is.0.CAESEM-q52BYpQguCfhoUja8tt8|7LJ.0.87e35591-8df3-4747-abf4-1581f1cca478|7dN.0.AABGyU7LDpoAABLqhLWj3g
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiYu5-htoHCPBAFEhQKBXRhcGFkEgsI7tLZoraBwjwQBRIWCgdydWJpY29uEgsI1uG3pbaBwjwQBRIWCgdzdng5dDUwEgsIkpnIvbaBwjwQBRgBIAEoAjILCJ6gl_DMgcI8EAU4AVoLYWRjb25kdWN0b3JgAg..
.spotim.market/ Name: a482928
Value: 9c1797cf-c4d5-0dc0-3a3a-e375c6492df7
.rubiconproject.com/ Name: audit
Value: 1|F0jWhsQ9rpfSvUhzGecl+1B7x6LAz+KKftLRMZs7qOjhj9K5Ghav9e1MXuCB0EwuT95kLeM3GsUwHTRO1/p4iJhTlEWkyb93z+BTw9+h9R+M07NhaKWlpUjIddHlRIwBISrYgHGoszOtFnkF1c2HBsiVxsM1JLNLxIJaILZswIS5KvY6d/O6TGdvoGLIiyOj
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005%22%7D
.servenobid.com/ Name: pid_321
Value: RX-695d35c2-482e-48e8-b6d3-11693c4a20ea-005
.servenobid.com/ Name: pid_317
Value: 7567752064217675276
.gumgum.com/ Name: vst
Value: u_2ab4177e-d807-4346-93e3-b095ac6c1218
.admixer.net/ Name: am-uid
Value: 5e8c4e84234d42378ed8c3dc5e8a15cf
.technoratimedia.com/ Name: tads_uidp_16
Value: 1543803565212
.technoratimedia.com/ Name: tads_uidp_37
Value: 32994d93-2f8c-3b48-a678-d511f457a4be
.technoratimedia.com/ Name: tads_uidp_44
Value: LQIJYORQ-J-BKUG
.technoratimedia.com/ Name: tads_uidp_45
Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/ Name: tads_uidp_46
Value: 4260582875412131839
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAG2lsusbIPmgMN20auAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: acc387d4-40cb-488d-95e4-fe1faaddcd21
.technoratimedia.com/ Name: tads_uidp_61
Value: 212392800823644
.technoratimedia.com/ Name: tads_uidp_62
Value: 3463673096634451000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: RUa1wQFK4YpngfrNPnaYmJy_fydQraL5
.technoratimedia.com/ Name: tads_uidp_7
Value: f0878f96-3f16-4542-83a8-aea592459d99
.technoratimedia.com/ Name: tads_uidp_70
Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/ Name: tads_uidp_73
Value: AABGyU7LDpoAABLqhLWj3g
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-723242af-de0e-49e4-90ba-ebdbf236c9f8-005
.technoratimedia.com/ Name: tads_uidp_77
Value: hzUAis3NStHF2LgSG3AOqaiEWyYtNl86RezPNfaKPew
.technoratimedia.com/ Name: tads_uidp_79
Value: 3e59d604-9a2b-4ca7-9bb4-2c5fb6747702
.technoratimedia.com/ Name: tads_uidp_80
Value: y-2fTU7sFE2uGYjj3NzGObbj1x_0bBtSiB~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZYc.8.frdiUUSHZCtqS1MAAA&3713
.technoratimedia.com/ Name: tads_uidp_83
Value: XDRyPC3y39Ya
.technoratimedia.com/ Name: tads_uidp_88
Value: 4312924577215111335051
.technoratimedia.com/ Name: tads_uidp_90
Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/ Name: tads_uidp_91
Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/ Name: tads_uid
Value: A86D4DA215FB40F8BBC0EC13D800DDA9
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231007011547+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.id5-sync.com/ Name: 3pi
Value: 434#1703365863306#1949338975|2#1703365863449#-70608435#5694220248042463684|441#1703365863995#-1080119746#u_2ab4177e-d807-4346-93e3-b095ac6c1218|108#1703365863743#381336775|429#1703365863583#-703063221#A162ADF9-B9BB-4551-8332-67BCBDEBB1D1
.smartadserver.com/ Name: csync
Value: 80:tYLedLfUg3au09Eg5tHLdrXThXuu1d8ntYY8-YBf|127:AABGyU7LDpoAABLqhLWj3g
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABGyU7LDpoAABLqhLWj3g
.360yield.com/ Name: tuuid
Value: fa2e2bb8-ddc7-4adf-9eda-4dda7fb9c513
.360yield.com/ Name: tuuid_lu
Value: 1703365864
.360yield.com/ Name: um
Value: !79,nfrebUBLMiCIMyfLWuO428ynbAmMHn8txdHehCCy9AFnMIB7smArt2QSctUpdR7BLbpBJ8BI-MdjMQfK,1711141864
.360yield.com/ Name: umeh
Value: !79,0,1765573864,-1

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, microphone, midi, geolocation. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20A162ADF9-B9BB-4551-8332-67BCBDEBB1D1&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=87e35591-8df3-4747-abf4-1581f1cca478
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D95A32625EDA3DCE9%26sp%3D750078%26pb%3D612004%26c%3D649285%26a%3D644680%26domain%3Dvisitor.omnitagjs.com&gdpr=0&gdpr_consent={gdpr_consent}
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src 'self' https://assets.guim.co.uk https://pasteup.guim.co.uk https://interactive.guim.co.uk https://dashboard.ophan.co.uk data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25f586024e867ebc933cc4fe574a353d.safeframe.googlesyndication.com
33across-match.dotomi.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api-2-0.spot.im
api.intentiq.com
api.nextgen.guardianapps.co.uk
api.permutive.com
assets.guim.co.uk
at.teads.tv
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.permutive.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
contextual.media.net
contributions.guardianapis.com
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.chocolateplatform.com
cs.krushmedia.com
cs.yellowblue.io
csync.loopme.me
csync.smilewanted.com
d.adroll.com
d.turn.com
d6691a17-6fdb-4d26-85d6-b3dd27f55f08.prmutv.co
de.tynt.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
events-ssc.33across.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gtrace.mediago.io
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
i.guim.co.uk
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
jadserve.postrelease.com
js-sec.indexww.com
krk2.kargo.com
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
onetag-sys.com
ophan.theguardian.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s.spotim.market
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sourcepoint.theguardian.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bfmio.com
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
t.adx.opera.com
t.co
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
visitor-us-east-2.omnitagjs.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.theguardian.com
x.bidswitch.net
ads.avct.cloud
id5-sync.com
image8.pubmatic.com
sync.inmobi.com
104.18.36.155
104.244.42.131
104.244.42.5
104.36.115.111
104.36.115.113
107.178.254.65
107.23.119.165
108.139.29.15
13.35.93.125
139.162.78.222
142.250.65.194
142.250.80.34
142.251.40.130
147.75.198.144
151.101.129.111
151.101.66.49
159.203.145.121
169.197.150.7
172.64.144.78
172.64.149.180
172.67.10.198
174.137.133.49
18.164.96.83
18.164.98.157
18.173.132.10
18.173.219.124
18.205.39.5
18.238.55.117
18.238.64.130
185.167.164.43
185.184.8.90
192.132.33.67
198.148.27.131
199.232.36.157
199.38.167.130
20.40.202.2
213.19.162.90
216.200.232.253
216.22.16.68
23.1.200.83
23.105.12.120
23.108.103.8
23.227.146.18
23.34.250.29
23.40.179.31
23.41.168.23
23.47.169.117
23.56.163.14
23.83.76.100
23.83.76.52
2600:1f18:4e9:5a07:a217:a1:a581:ef30
2600:1f18:61c0:2205:1ef3:ed1e:e7cd:465
2600:9000:266a:9800:1a:5235:f980:93a1
2600:9000:26fa:5c00:1b:6b7d:2300:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:20::681a:d12
2606:4700:4400::ac40:90a6
2606:4700::6810:3865
2606:4700::6811:7711
2606:4700::6812:19ad
2606:ae80:1450:16::2040
2607:4f00:974::2
2607:f350:3:2569:0:10:0:a
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c06::9a
2607:f8b0:4006:809::2004
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2006
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::2002
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2a04:4e42:600::367
2a04:4e42::367
3.17.215.181
3.208.133.199
3.222.121.73
3.225.218.10
3.233.176.156
3.33.220.150
34.107.254.252
34.111.113.62
34.117.239.71
34.198.29.92
34.225.183.152
34.98.64.218
35.175.88.165
35.186.253.211
35.194.66.159
35.207.24.140
35.208.249.213
35.211.156.253
35.211.178.172
35.214.166.178
35.241.9.51
35.244.154.8
38.68.201.140
40.76.134.238
44.199.149.119
45.137.176.88
51.222.39.185
52.1.240.135
52.200.3.94
52.21.25.82
52.223.22.214
52.46.128.147
52.89.208.126
54.152.0.153
54.152.61.223
54.155.176.49
54.162.157.217
54.239.33.158
63.251.28.134
63.251.86.49
64.202.112.159
67.202.105.23
67.202.105.31
68.67.160.117
69.192.109.215
69.194.240.13
69.90.254.78
74.119.119.139
74.119.119.150
8.2.110.134
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
80.77.87.162
82.145.213.8
96.46.186.59
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f797c234233200a56b848ede38034c1967c6fce64287804301b332f5969c57
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
0780bc03834d0055b529c288891e65964e6a26581efa27be1d50d0e9da60f38a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db1e8e9159f374b9b5f1fc469ce67405aec27eda4fd62d9f9482cbe4368061f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f59004936173c53797043b12849d58fb65a961f49f381fe99033ec0345aecb7
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12c587e0f38437d978a808ad4c7db78b4c6ee21ba8451a5349392997ac8a9980
15d8b592f6ddec23971bd31a5f2191221315fdfe852a582e318bfd6e74def112
15fcef03ce64500be37b918565a0e7a375a7427285b2d836092439f79da8448a
16ed36ed22117e6b7d051ffdbd4fd15d521f05c8e69c862074978a92457d47da
1817faa4ce970433b1cc62ed31a3c7d3cbfece45ba9795550d10486ad481a0a8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188575cf3d53c617eee014889d0e22a426fe7c3b80f56cbabdcb7370a7f667bb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bda6328a7bf6718a2a75b3eb753f23b1f190acf375461584642af92c53494c7
1d1f0897f2c5aa0c0d364a226399ad001de3952eb62993b163cca9829a1c4fde
232d9d3a07348dbd4e711fb8d128053d55a0edae70ec1c7c7a750b3a5f4a44b5
24dd74072e87b1e0a20be11b46dc641e8aa97a5bf3b2800cd24412da629afaa1
28c97a895261a6b11e4114d46894cf288d77f5184e4bc1a67c281f96067fbff7
28d3abde14138e85131a12c91e3f2a85e0a6bfc221aa5f9a39f3d55c965878ef
28e8623478d1d900912e7ebb26b412cda13d9637edaff4f31542d7a5676818e0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2bfa49281d35afcbdff630cc90eecd4eaa3554bbdb20647aff224fb15ec3163c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2dff5b33bb4232cdb28b6e5de7a9db097762b2b049d46d8c651bba2aa2182724
2ee46859435664a3d7dc374970512bf46030795f7d434a2b1d94637255485041
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32f438381dd6278628cf724f4090bf83bdc43aa5ba0754f490fc50eadeffbe13
338b8e43f7724683fd0ebaffe6ca501420590d917702ec14bfcc3aab7371050b
36b6450cd74cb5e0b1dcb65c325e07e3e29b98c9c418f5f19cb311f56561555e
38763cd7ef72a5540ccdf7352e803ad34a9f332886d14b3611a7ec646f21d697
389e8b376deae6b2cc3e0702d20662a1e661a0727d9352a5ae54b6cc8a5c6dff
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3bb30804fbe6f0483929507387bfa0bd67e4dcd4d1d38ae70db6e66991910d8b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb69307fed1d2aa97fc9e79433ec0ea1b071f0950cfb0ad5acdcd6107897ad4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40929c6750201c047e62ee99423e68d97ecab43c60d316c86fe76cb2a4678981
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4491cda67d7a7915fdcf5bc1cc0c8a9737bd98a0546ecaefb55e50ee571032e6
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49c70f3f03455ea4833675cf458661307247c9be9154bd7a7f48509a5d28f2e4
4a6e42df592f9fef10d8707e673f1a66671e31c48cfcc1282f759654810652f7
4abfad9c48fb0cbf933b3bf8cf92e96a11dbea84adf00976dde20a194bfb59b3
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb
4b0b4e14f9c03f01f1b4acdb1ca620441be10b369f53c166c59b7de6064add6f
4b28bd8abc299a2453d6b0762a3d5b3766d9687a3125b1b389c331d6951451dc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d83b02a8de9798d3c1ab7bf27d9e8fa689a9ffd7e6562e98602dc4c8e8fbfb9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
5110dab7d83f6e73ee729877678cb0f2ab8aa5bddefa4e606fb6899d8e40ae2f
512776118b23d4141b47f14fbc29c79a677caa2c74b5bae6cfa44a8bd8847d42
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
539b156d24e729bedcd32b5ddc491d060917f4c7cd2a94eabfba793deec27153
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f37d91c74ec794994462438f9760e481af46aadb2054cddf74595c69a08d48
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
56b3ad42c6b3a36b6637aa025bbfabd7ec4c8cc9a74e15a7a30e5fbe51345f3a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9e922e1bd8eaf0540e82944501086d2a843c5b52b42a83d15f28f10dacc561
5abbb193961a4a7b0af255f4a2fc329d0c73214dad6f7cd8b2963a938bc57699
5ecd7f8b9cb09afedef3262c0990f74cf152e6e8f96f4e87f187952f266f57a1
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b838a3e0936f72d25e0ba795bbe56fec047bacf36798562f2d5b2dc56520cb
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701
6a3d1aa57f151a682618cb698ae2ec646edbe2b3c6c1bdaafaa4d58272156bcf
6c0c8598647429054a819dfe73f0ebecb407d9fb64c856a40afee0273e8366d3
6d533c225ce5e7f81156c1fd744c907ddbdf01e610c967c7c685f19c31ef2e2d
6d9b1a33ad0c70867cb1e3dff6c3f123bcffd1019276ca87b191140a9c867bf6
6e1a201b0eeea0b37a24ac4842f014e31738ace451ee18f7ca78d27e798ad0aa
70508467cb9e0c1c1da7ce4fe9cd5495acdbef6478a22eda8f0b24557a564f80
7061a231754256284569c8a443c965b6a3a96ed9369a71cb94c6a2a0f18242c5
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72775823b8411175a3070d86f5f034b784237eb696829a57802ebffcf43d5497
732693f538e4d28b2bc0b7d7bff40f84effaec15b151a40393bc376e673e1298
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7d0ffa8081f591d895ba54c71ace599f2a1e33f0b6d571791cf5258564e95117
7df2a80425f1f1fcbfcfa5f127fe17c548a8fbdc079bcdadcae97f1840b44463
7f10c2e3a5b5d8876b6474e6e81f092e6713a7089b308eca70268c191497717d
81dd351bcd437894cb1d90c09e1d986df5e41e3d0003aa62fbf8d822be580809
824426c63e0cb453909456435aedc5da0f5ad9d09be3a6091fb70b780a080841
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8434cc74fe8b86d61ccdfef3cde83b02347518d01e57ee002a5ec1448aa57c3b
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
860ad3ee5c468defdf11c4d0a397decfbac4fe8d2128681f5ea03b591e6c7c05
86420e7438ecbeee1c096e6aba233c995fe855317ab0bc96c505b3a8008bbde2
871f125c3d4e5a29d2878c24950916d7b30e04fbc5d348e05eeb8ada3b13e03e
87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4aac38ba3ca16e91281aac2595ca799657c3a94aad19b3899b9c3dcdd2eda1
8b4b0c113129c46df1d4b41543a952d89973c644eecb18324ea3fcacceba4f68
8bbb973524c9c00bb430b967b962fef2be6c7c7c23c202674a8fd1da359adb93
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec0ea0969c60e76007f766ce7df7d1617a4186823ff622450398d169752c3c8
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8ff7405518d38db332f925d0a3be223bec01f678933279963f9c5d44263ed30d
90738bd6a083bb0bb11633a2bf01ddf303e3f727c65292564e57482f22156587
90913bdb9c4603692ff71c4ed35255f6e22cd667f1b30110e9a996894eff89ce
91734605950c27ddf54907517457c00361fa4c5864c5ff0ff915c40c72a0f00b
91945d85f5f363b72920d369c65a2c6f5d7125a4c9ee82a441b4acf40457fc7f
92b342ddf2f633909616c56f47285f172ef727770657a2ff2e5bf5cd4c547fed
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
998d17d292f09be5c4f7093929955bac378df59f5a780f4fbf949363dd60df9a
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f6a419a521399b27a89023a081f44d3c32eedb3671b6222f6544bea165b6fbe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595
a1b2a90037ada98147dcac5ed36115be0cb45d80f9a8f070983aab293f7b412a
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a44b9e53b63dba5058958dd93f611b095dc405c99008f44276629a611dd472f1
a4680406b1cf4b31004b6ca893cf4a3ed2dc778d753423c091c855f4560197b8
a795acf616ecc04e3362e6b2abb864ebcbcd0627ec9acbdc8106d03594c9d10f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af272b998f8044b154df649f67a34dc9e2bb5b40c29f5255d2c8ea57c113be06
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b44b5461516ee7ec3c3bf587a0c41c47c894b967f20680ae9ff3f0c285b26263
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bb91ab33699c1416dede34ec259118193ff32e677f76b12e317c6a3ea2886b69
be6b3f41d5f79b0ea32be0e1274af5edc62c3b8390af21c967cf2ef4204f66f8
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
c070a7ffa3cc76f09bdaa432da26e8e5d1cd8865df28aab7c0a52e2e8305a956
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d034f935f7a855ef11c1eb539c155aeb31a7fa59932aec205c9e5f7564d26b
c2f148a668e19761c9791bdd2fbae552b72f4001a9822b393c39fe39c4467248
c54583c406cc206fb37e83d4f4de04cb54ff3c1a129426ca60a826b90d4a2a7e
c5feaa4376be94b915443d2023735dc08ad0810e0dc47607964f7b77041d049f
c66cfd953713a3729fdc6bc7c851cec6c442190339cdcf3a52b8d70968d91b24
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180
c7acd5c910e45d01aca6a7164dcbeb3fd1cb73fb22b87024f8b8cd89e7aaadfa
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
ca9abaaebd181ca82fa1d8d8e39ebc0f15d4d065f87e60777fe5bb6573591c6c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbed55709808bd73561495adc0c1dc3bfec733542a5e657ec54f4ca9eab3006c
ccc15abfb0265e917e08be4ba8ff9939814cb9a043b865b3788013c1b8160f7b
ce1d18626bbc6a0564ba74209097cdecd247abdc3fb4004ad45c167f6b50677a
cea2177bbfab01f2f8385edf7d1723bed1bf3744240131d9fda7f7348adaa4b6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1576808c0d45401ae292cd1880d9348af30254af055ba1c194343392c906846
d5cce73e2d9e59a064bb0d8de053625f28cf06b11f80064208e1b90cf97c1112
d6cf95ca49477551f2c757920b1e42a2a0683bfd3fea69560480ebe8c369739a
d78a4439e2a7e90397d11d7defeb990b85024e3ee611f93587eba396b75928cd
d98a90c5ca673bc086842e5cd3189cd2bbd9915b82b2f64fbd5211e9b0d6d79b
d9aff7f7c51e775eba06add07b71db1d8d6640660ea2b59a2db82c4b48fa4e8a
da22a2e4326e5cc0595a7e7cb5ebd68492896f1660e1ee116e3af32ad6aeccce
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
dbe4b2d62f253cb64f7f675f3f112f98f190688ca1d62be751821c7f4aa7ff07
dcf9f554d81b89c9c71820efe242539c924dc26d453d45f2588a783ffe0fe46e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e145f086efde44562d1d11c7d771351251dce322a9fa97f0640f4d8c6aa2ae3e
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d581ae9576c3863c46052e639c3f50fc360f5e30a68a1a44ece9811687c9c1
e537d9753548470e27c372198d8c2842a141ac86f0cd6ca936277f502c497df0
e584c48516f8d75a48fef10dd53074e70a255cd86cf742f9e3c82183a527d931
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e590e947a747dc73d03d99f7465df7e71b6de6812f8e4dc2ca31261e310627a9
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08de299a88f8c36c3b8b49dac410fce15a9f6789e848aa3643996e3c9bba67d
f1a35bdda07bc6ac03b60957dcdbf06623d1f5c6a26cf54eb1c9dc367ba4b1d4
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e
fafc14f262ec9c1af04bdf0dad58cd13b29403dab26f04047d256f9e7e9ed6da
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804