urlscan.io logo urlscan.io
SecurityTrails logo

www.dailymail.co.uk Open in urlscan Pro
2600:1400:d:587::16c2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-us.mimecast.com/s/byCVCXDPMgi6RAmph6ikWl?domain=dailymail.co.uk
Effective URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-...
Submission: On March 18 via manual from IN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 258 IPs in 15 countries across 217 domains to perform 2832 HTTP transactions. The main IP is 2600:1400:d:587::16c2, located in New York, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.dailymail.co.uk. The Cisco Umbrella rank of the primary domain is 8957.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 25th 2021. Valid for: a year.
This is the only time www.dailymail.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.113 3561 (CENTURYLI...)
2 97 2600:1400:d:5... 20940 (AKAMAI-ASN1)
3 2600:141b:13:... 20940 (AKAMAI-ASN1)
13 2607:f8b0:400... 15169 (GOOGLE)
4 13.225.71.63 16509 (AMAZON-02)
4 2600:141b:13:... 20940 (AKAMAI-ASN1)
13 2600:141b:13:... 20940 (AKAMAI-ASN1)
4 2607:f8b0:400... 15169 (GOOGLE)
7 2600:141b:13:... 20940 (AKAMAI-ASN1)
12 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2a01:578:3::3... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 90 23.52.162.21 16625 (AKAMAI-AS)
20 2607:f8b0:400... 15169 (GOOGLE)
2 23.215.130.90 20940 (AKAMAI-ASN1)
11 54.192.160.42 16509 (AMAZON-02)
2 47 151.101.1.44 54113 (FASTLY)
9 25 2620:116:800b... 14618 (AMAZON-AES)
1 2600:9000:210... 16509 (AMAZON-02)
67 23.52.163.40 16625 (AKAMAI-AS)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 12 2607:f8b0:400... 15169 (GOOGLE)
3 142.251.35.166 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:21d... 16509 (AMAZON-02)
72 142.251.41.2 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 34.235.240.223 14618 (AMAZON-AES)
2 52.203.231.132 14618 (AMAZON-AES)
1 130.211.23.194 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.19.150.54 13335 (CLOUDFLAR...)
20 91 68.67.179.135 29990 (ASN-APPNEX)
10 34.107.254.252 15169 (GOOGLE)
6 2600:1400:d::... 20940 (AKAMAI-ASN1)
10 2607:f8b0:400... 15169 (GOOGLE)
2 54.230.162.99 16509 (AMAZON-02)
2 54.88.131.185 14618 (AMAZON-AES)
66 2607:f8b0:400... 15169 (GOOGLE)
12 68.67.153.61 29990 (ASN-APPNEX)
20 74.119.119.129 19750 (AS-CRITEO)
7 35.168.210.194 14618 (AMAZON-AES)
6 199.127.204.162 26120 (RHYTHMONE)
17 2602:803:c002... 26667 (RUBICONPR...)
1 195.244.31.11 63140 (IGUANA-WO...)
7 100.25.235.110 14618 (AMAZON-AES)
26 199.187.193.130 47043 (SMARTADSE...)
7 52.4.33.45 14618 (AMAZON-AES)
2 34.200.63.26 14618 (AMAZON-AES)
1 23.52.160.7 16625 (AKAMAI-AS)
8 34.149.20.76 15169 (GOOGLE)
13 141 34.98.64.218 15169 (GOOGLE)
6 173.223.237.164 16625 (AKAMAI-AS)
23 104.36.115.111 62713 (AS-PUBMATIC)
17 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
7 13 2600:1f18:4e9... 14618 (AMAZON-AES)
16 52.206.228.228 14618 (AMAZON-AES)
1 52.21.37.25 14618 (AMAZON-AES)
23 32 3.33.220.150 16509 (AMAZON-02)
1 34.120.155.137 15169 (GOOGLE)
2 52.10.19.115 16509 (AMAZON-02)
5 34.102.146.192 15169 (GOOGLE)
2 46.105.202.126 16276 (OVH)
109 2620:100:a001::4 19750 (AS-CRITEO)
43 50 142.251.35.162 15169 (GOOGLE)
6 12 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
2 2 34.231.116.207 14618 (AMAZON-AES)
3 3.217.244.219 14618 (AMAZON-AES)
16 19 107.178.246.49 15169 (GOOGLE)
18 18 216.200.232.249 30419 (MEDIAMATH...)
29 37 35.211.178.172 19527 (GOOGLE-2)
45 2607:f8b0:400... 15169 (GOOGLE)
1 7 51.195.5.234 16276 (OVH)
9 14 68.67.160.186 29990 (ASN-APPNEX)
2 7 8.28.7.81 62713 (AS-PUBMATIC)
3 162.248.18.10 62713 (AS-PUBMATIC)
8 141.226.124.48 200478 (TABOOLA-AS)
15 31 2620:100:a001::c 19750 (AS-CRITEO)
4 34.203.0.170 14618 (AMAZON-AES)
4 192.35.249.123 11742 (SPOTX-IAD)
2 6 2600:1f18:612... 14618 (AMAZON-AES)
9 3.224.73.153 14618 (AMAZON-AES)
4 80 141.226.224.48 200478 (TABOOLA-AS)
1 23.64.103.192 16625 (AKAMAI-AS)
15 74.119.119.139 19750 (AS-CRITEO)
2 28 209.54.177.54 16509 (AMAZON-02)
1 34.120.135.53 396982 (GOOGLE-CL...)
7 2600:1f18:612... 14618 (AMAZON-AES)
13 17 192.35.249.120 11742 (SPOTX-IAD)
13 19 54.175.87.114 14618 (AMAZON-AES)
2 151.101.193.44 54113 (FASTLY)
4 34.98.72.95 15169 (GOOGLE)
12 28 151.101.66.49 54113 (FASTLY)
5 5 2600:9000:21e... 16509 (AMAZON-02)
7 7 169.61.103.241 36351 (SOFTLAYER)
6 6 44.196.51.251 14618 (AMAZON-AES)
1 16 18.207.27.64 14618 (AMAZON-AES)
8 34.239.97.35 14618 (AMAZON-AES)
1 1 199.187.193.182 47043 (SMARTADSE...)
17 18 2606:ae80:145... 25751 (VALUECLICK)
1 1 20.72.149.136 8075 (MICROSOFT...)
6 6 2620:112:f002... 6336 (TURN-US-ASN)
1 3 104.16.190.66 13335 (CLOUDFLAR...)
1 1 44.198.213.18 14618 (AMAZON-AES)
4 11 52.70.74.97 14618 (AMAZON-AES)
25 23.52.161.180 16625 (AKAMAI-AS)
2 52.0.59.237 14618 (AMAZON-AES)
7 53 104.107.5.93 16625 (AKAMAI-AS)
2 3 63.251.86.51 32475 (SINGLEHOP...)
6 51 52.223.22.214 16509 (AMAZON-02)
1 34.120.253.250 396982 (GOOGLE-CL...)
10 10 70.42.32.127 13789 (INTERNAP-...)
8 16 23.209.184.224 16625 (AKAMAI-AS)
20 20 207.198.113.176 13768 (COGECO-PEER1)
4 5 44.199.37.161 14618 (AMAZON-AES)
3 4 64.202.112.127 22075 (AS-OUTBRAIN)
6 6 54.166.244.71 14618 (AMAZON-AES)
7 7 34.226.161.152 14618 (AMAZON-AES)
6 8 132.226.41.106 31898 (ORACLE-BM...)
4 107.23.24.80 14618 (AMAZON-AES)
5 7 38.91.45.7 398989 (DEEPINTENT)
5 6 52.0.166.156 14618 (AMAZON-AES)
29 35 199.127.204.142 26120 (RHYTHMONE)
9 63.251.114.182 12181 (INTERNAP-...)
14 14 198.148.27.139 19189 (PULSEPOINT)
1 5 199.187.193.177 47043 (SMARTADSE...)
3 18.210.194.11 14618 (AMAZON-AES)
2 2 34.198.166.14 14618 (AMAZON-AES)
2 2 44.235.55.208 16509 (AMAZON-02)
8 18.214.54.11 14618 (AMAZON-AES)
7 7 185.184.8.65 204995 (RTB-HOUSE...)
3 3 52.0.156.250 14618 (AMAZON-AES)
36 36 67.202.105.22 32748 (STEADFAST)
1 7 67.202.105.34 32748 (STEADFAST)
1 1 124.146.215.46 2514 (INFOSPHER...)
12 12 51.178.20.140 16276 (OVH)
7 2607:f8b0:400... 15169 (GOOGLE)
5 19 69.173.151.100 26667 (RUBICONPR...)
1 10 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4998:14:... 14777 (YAHOO)
1 3 52.94.222.140 16509 (AMAZON-02)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 35.190.65.91 15169 (GOOGLE)
1 35.201.69.52 15169 (GOOGLE)
1 35.201.69.19 15169 (GOOGLE)
15 2607:f8b0:400... 15169 (GOOGLE)
14 34.111.8.32 15169 (GOOGLE)
13 2001:4860:480... 15169 (GOOGLE)
38 2607:f8b0:400... 15169 (GOOGLE)
3 172.253.122.155 15169 (GOOGLE)
13 151.101.194.133 54113 (FASTLY)
13 54.230.161.118 16509 (AMAZON-02)
1 34.107.191.194 15169 (GOOGLE)
2 4 35.207.10.239 15169 (GOOGLE)
8 8 35.207.24.140 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
4 4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:401... 15169 (GOOGLE)
11 2606:4700:303... 13335 (CLOUDFLAR...)
19 52.46.145.177 16509 (AMAZON-02)
6 7 185.167.164.37 198622 (ADFORM)
2 29 8.28.7.83 62713 (AS-PUBMATIC)
14 14 54.236.195.76 14618 (AMAZON-AES)
1 2 199.187.193.166 47043 (SMARTADSE...)
12 104.36.115.109 62713 (AS-PUBMATIC)
1 23 74.119.119.150 19750 (AS-CRITEO)
3 3 173.231.178.82 29791 (VOXEL-DOT...)
7 8 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 18.214.97.110 14618 (AMAZON-AES)
5 5 69.90.254.78 13768 (COGECO-PEER1)
3 3 38.27.122.126 174 (COGENT-174)
7 7 104.107.15.75 16625 (AKAMAI-AS)
6 104.36.115.114 62713 (AS-PUBMATIC)
4 36 23.111.200.118 7979 (SERVERS-COM)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
7 52.94.233.131 16509 (AMAZON-02)
21 142.251.40.130 15169 (GOOGLE)
4 142.250.80.66 15169 (GOOGLE)
21 151.101.1.108 54113 (FASTLY)
3 3 35.211.141.197 19527 (GOOGLE-2)
7 14 52.200.129.142 14618 (AMAZON-AES)
1 4 104.18.98.194 13335 (CLOUDFLAR...)
1 1 13.225.214.90 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 47.252.78.131 45102 (ALIBABA-C...)
12 16 54.86.196.175 14618 (AMAZON-AES)
4 5 2620:112:f002... 6336 (TURN-US-ASN)
3 6 35.186.253.211 15169 (GOOGLE)
1 34.149.130.207 15169 (GOOGLE)
29 34.117.239.71 396982 (GOOGLE-CL...)
9 9 192.132.33.46 18568 (BIDTELLECT)
11 12 35.171.137.144 14618 (AMAZON-AES)
5 6 199.38.167.131 54312 (ROCKETFUEL)
1 1 3.218.13.135 14618 (AMAZON-AES)
1 2 13.225.214.37 16509 (AMAZON-02)
5 5 52.2.129.173 14618 (AMAZON-AES)
8 8 34.111.151.213 15169 (GOOGLE)
3 9 3.217.99.187 14618 (AMAZON-AES)
4 4 3.131.9.254 16509 (AMAZON-02)
1 23.52.167.93 16625 (AKAMAI-AS)
1 1 204.2.255.232 2914 (NTT-LTD-2914)
1 52.211.48.15 16509 (AMAZON-02)
2 2 52.20.86.11 14618 (AMAZON-AES)
1 1 204.62.13.72 46636 (NATCOWEB)
3 3 35.244.216.234 15169 (GOOGLE)
3 34.96.105.8 15169 (GOOGLE)
10 13 23.88.75.186 24940 (HETZNER-AS)
1 2 3.233.247.233 14618 (AMAZON-AES)
2 72.21.81.64 15133 (EDGECAST)
16 54.230.162.25 16509 (AMAZON-02)
5 151.101.193.108 54113 (FASTLY)
14 68.67.179.121 29990 (ASN-APPNEX)
4 2607:f8b0:400... 15169 (GOOGLE)
5 151.101.130.49 54113 (FASTLY)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
4 13.225.71.16 16509 (AMAZON-02)
1 1 52.4.194.209 14618 (AMAZON-AES)
1 1 35.211.118.13 19527 (GOOGLE-2)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
14 37.157.3.30 198622 (ADFORM)
4 152.199.4.100 15133 (EDGECAST)
1 52.218.62.43 16509 (AMAZON-02)
11 2620:100:a001... 19750 (AS-CRITEO)
22 74.119.119.147 19750 (AS-CRITEO)
1 13.225.214.19 16509 (AMAZON-02)
1 2600:9000:21e... 16509 (AMAZON-02)
3 104.81.133.133 16625 (AKAMAI-AS)
2 2 104.45.178.220 8075 (MICROSOFT...)
2 2 172.105.232.22 63949 (LINODE-AP...)
2 5.161.54.172 213230 (HETZNER-C...)
2 195.5.165.20 44968 (IPROM-AS)
6 6 51.210.112.236 16276 (OVH)
2 6 54.80.152.36 14618 (AMAZON-AES)
4 4 35.201.96.126 15169 (GOOGLE)
4 7 50.57.31.206 19994 (RACKSPACE)
2 4 2600:9000:21e... 16509 (AMAZON-02)
2 2 45.35.192.162 40676 (AS40676)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
2 2 159.65.197.210 14061 (DIGITALOC...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 54.235.111.4 14618 (AMAZON-AES)
1 54.230.162.14 16509 (AMAZON-02)
1 54.230.162.71 16509 (AMAZON-02)
1 199.250.166.129 26459 (TTD-ASN-01)
2 152.199.5.184 15133 (EDGECAST)
1 151.101.65.108 54113 (FASTLY)
2 34.95.69.49 15169 (GOOGLE)
2 35.208.249.213 19527 (GOOGLE-2)
4 13.226.26.38 16509 (AMAZON-02)
11 2606:4700::68... 13335 (CLOUDFLAR...)
115 74.119.119.137 19750 (AS-CRITEO)
27 74.119.119.149 19750 (AS-CRITEO)
2 3.136.40.59 16509 (AMAZON-02)
1 2600:9000:210... 16509 (AMAZON-02)
4 13.225.71.24 16509 (AMAZON-02)
1 52.21.17.234 14618 (AMAZON-AES)
2 34.233.8.71 14618 (AMAZON-AES)
2 13.57.144.122 16509 (AMAZON-02)
2 2600:9000:21d... 16509 (AMAZON-02)
4 5 63.251.28.218 26558 (FREEWHEEL)
5 3.95.145.149 14618 (AMAZON-AES)
10 10 34.102.163.6 15169 (GOOGLE)
3 7 13.226.26.122 16509 (AMAZON-02)
6 6 54.227.147.124 14618 (AMAZON-AES)
6 6 52.1.82.123 14618 (AMAZON-AES)
1 138.201.65.74 24940 (HETZNER-AS)
1 193.232.148.142 48061 (UMA-TECH-AS)
3 52.220.229.2 16509 (AMAZON-02)
3 3 199.187.193.185 47043 (SMARTADSE...)
3 3 37.18.24.16 205675 (HYBRID-AS)
1 185.31.113.18 204720 (CDNETWORKS)
31 23.64.109.57 16625 (AKAMAI-AS)
1 2607:f8b0:401... 15169 (GOOGLE)
2 34.193.254.175 14618 (AMAZON-AES)
2 18.116.233.102 16509 (AMAZON-02)
1 1 44.200.208.73 14618 (AMAZON-AES)
2 2 3.127.110.139 16509 (AMAZON-02)
1 2 54.153.172.152 16509 (AMAZON-02)
3 3 35.190.90.30 15169 (GOOGLE)
18 23.52.167.40 16625 (AKAMAI-AS)
1 52.54.188.195 14618 (AMAZON-AES)
1 35.75.69.76 16509 (AMAZON-02)
1 1 104.18.20.134 13335 (CLOUDFLAR...)
1 3.15.109.176 16509 (AMAZON-02)
1 173.223.56.11 16625 (AKAMAI-AS)
1 23.52.164.177 16625 (AKAMAI-AS)
1 54.205.170.190 14618 (AMAZON-AES)
1 52.73.93.37 14618 (AMAZON-AES)
1 2 107.23.25.6 14618 (AMAZON-AES)
1 2 54.156.26.12 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1f18:659... 14618 (AMAZON-AES)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 104.244.42.131 13414 (TWITTER)
2 3 2600:1f18:1c9... 14618 (AMAZON-AES)
2 2 64.58.232.176 13649 (ASN-VINS)
1 2 64.58.232.180 13649 (ASN-VINS)
1 34.102.185.99 15169 (GOOGLE)
2 2600:9000:21d... 16509 (AMAZON-02)
1 54.86.107.88 14618 (AMAZON-AES)
3 69.173.151.67 26667 (RUBICONPR...)
4 4 31.172.81.159 44066 (DE-FIRSTC...)
2 2 31.172.81.160 44066 (DE-FIRSTC...)
2 2 89.108.120.68 197695 (AS-REG)
1 31.172.81.158 44066 (DE-FIRSTC...)
1 2 184.51.146.146 20940 (AKAMAI-ASN1)
1 2 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 3 69.166.1.10 27630 (AS-XFERNET)
1 2602:803:c002... 26667 (RUBICONPR...)
1 18.204.190.178 14618 (AMAZON-AES)
1 34.192.138.137 14618 (AMAZON-AES)
2 2 213.19.162.80 26667 (RUBICONPR...)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
1 2 104.19.135.78 13335 (CLOUDFLAR...)
1 11 51.222.39.185 16276 (OVH)
1 8.28.7.82 62713 (AS-PUBMATIC)
2 2 54.164.126.90 14618 (AMAZON-AES)
1 2 2a02:6b8::90 208722 (YNDX)
1 82.145.213.8 39832 (NO-OPERA)
3 2607:f8b0:400... 15169 (GOOGLE)
1 1 18.214.50.46 14618 (AMAZON-AES)
2832 258
2    205.139.111.113 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: us-api.mimecast.com
protect-us.mimecast.com
97    2600:1400:d:587::16c2 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.dailymail.co.uk
i.dailymail.co.uk
scripts.dailymail.co.uk
secured.dailymail.co.uk
fff.dailymail.co.uk
video.dailymail.co.uk
3    2600:141b:13:a9c::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
c.go-mpulse.net
173bf10e.akstat.io
13    2607:f8b0:4006:80f::200a (Queens, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    13.225.71.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-71-63.ewr53.r.cloudfront.net
uk-script.dotmetrics.net
4    2600:141b:13:a88::16c2 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
ted.dailymail.co.uk
13    2600:141b:13:a80::16c2 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
t.dailymail.co.uk
crta.dailymail.co.uk
4    2607:f8b0:4006:817::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2600:141b:13::172f:91c3 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
hulkprod.anm.co.uk
12    2600:141b:13:a93::11ae (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
cmp.dmgmediaprivacy.co.uk
1    2a01:578:3::36d9:fa7e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
euasync01.admantx.com
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
90    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
js-sec.casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
20    2607:f8b0:4006:80e::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    23.215.130.90 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-90.deploy.static.akamaitechnologies.com
storage.cloud.kargo.com
11    54.192.160.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-160-42.ewr53.r.cloudfront.net
c.amazon-adsystem.com
47    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprnjmp.taboola.com
wf.taboola.com
imprchmp.taboola.com
match.taboola.com
25    2620:116:800b:21:2d66:77a6:9085:a5fa (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2600:9000:210b:c000:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
ovp.iris.tv
67    23.52.163.40 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
12    2607:f8b0:4006:820::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    142.251.35.166 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f6.1e100.net
ad.doubleclick.net
1    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    2600:9000:21dd:bc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
72    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
partner.googleadservices.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    34.235.240.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-240-223.compute-1.amazonaws.com
mb.moatads.com
2    52.203.231.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-231-132.compute-1.amazonaws.com
geo.moatads.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    2606:4700::6812:451 (United States)

ASN13335 (CLOUDFLARENET, US)
5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
91    68.67.179.135 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
10    34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
6    2600:1400:d::1721:ee22 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.newzit.com
rta2.newzit.com
10    2607:f8b0:4006:822::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    54.230.162.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-99.ewr53.r.cloudfront.net
context.iris.tv
2    54.88.131.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-131-185.compute-1.amazonaws.com
klkstrm.kargo.com
66    2607:f8b0:4006:81e::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    68.67.153.61 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.nym2.adnexus.net
prebid.adnxs.com
20    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
7    35.168.210.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-210-194.compute-1.amazonaws.com
btlr.sharethrough.com
6    199.127.204.162 (United States)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
17    2602:803:c002:200::43 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
hb-api.omnitagjs.com
7    100.25.235.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-235-110.compute-1.amazonaws.com
tlx.3lift.com
26    199.187.193.130 (Canada)

ASN47043 (SMARTADSERVER, CA)
prg.smartadserver.com
7    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
2    34.200.63.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-63-26.compute-1.amazonaws.com
krk.kargo.com
1    23.52.160.7 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-7.deploy.static.akamaitechnologies.com
a.teads.tv
8    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
141    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
mailonline-us-d.openx.net
google-bidout-d.openx.net
us-u.openx.net
u.openx.net
eu-u.openx.net
adpone-d.openx.net
6    173.223.237.164 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-237-164.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
23    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
17    2607:f8b0:4006:809::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2607:f8b0:4006:816::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
d16c6244c2ad75e061f5544670defd81.safeframe.googlesyndication.com
6f34471c3a779622f9cd63d182eff7ca.safeframe.googlesyndication.com
538e59019275b34e753138c74e138fba.safeframe.googlesyndication.com
13    2600:1f18:4e9:5a02:12e1:5652:a2dc:bd68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
16    52.206.228.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-228-228.compute-1.amazonaws.com
crb.kargo.com
1    52.21.37.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-37-25.compute-1.amazonaws.com
id.sv.rkdms.com
32    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    52.10.19.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-19-115.us-west-2.compute.amazonaws.com
id.sharedid.org
5    34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
109    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
50    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
cm.g.doubleclick.net
12    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    34.231.116.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-116-207.compute-1.amazonaws.com
usermatch.krxd.net
3    3.217.244.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-244-219.compute-1.amazonaws.com
beacon.krxd.net
19    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
tapestry.tapad.com
18    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
37    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
45    2607:f8b0:4006:820::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    51.195.5.234 (France)

ASN16276 (OVH, FR)
PTR: p36.id5-sync.com
id5-sync.com
14    68.67.160.186 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
7    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
8    141.226.124.48 (Islington, United Kingdom)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
ch-match.taboola.com
ch-vid-events.taboola.com
31    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
4    34.203.0.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-0-170.compute-1.amazonaws.com
ads.adaptv.advertising.com
4    192.35.249.123 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
6    2600:1f18:612b:4200:b54f:a79a:adff:b87e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
m7hdh-2damu.ads.tremorhub.com
9    3.224.73.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-73-153.compute-1.amazonaws.com
prebid-server.rubiconproject.com
80    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
us-wf.taboola.com
1    23.64.103.192 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-103-192.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
15    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
28    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
7    2600:1f18:612b:4216:4bb:825e:5e5f:d97a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
partners.tremorhub.com
17    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
19    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
4    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
28    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
asf-tm.everesttech.net
statsf-tm.everesttech.net
rtd-tm.everesttech.net
playtime-tm.everesttech.net
5    2600:9000:21ea:8400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
7    169.61.103.241 (Brooklyn, United States)

ASN36351 (SOFTLAYER, US)
PTR: f1.67.3da9.ip4.static.sl-reverse.com
um.simpli.fi
6    44.196.51.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-51-251.compute-1.amazonaws.com
cs.emxdgt.com
16    18.207.27.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-27-64.compute-1.amazonaws.com
rtb.gumgum.com
8    34.239.97.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-97-35.compute-1.amazonaws.com
sync.bfmio.com
1    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
18    2606:ae80:1451:19::1400 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
openx2-match.dotomi.com
triplelift-match.dotomi.com
tubemogul-sync.dotomi.com
prebid-match.dotomi.com
1    20.72.149.136 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
6    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
1    44.198.213.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-213-18.compute-1.amazonaws.com
usr.undertone.com
11    52.70.74.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-74-97.compute-1.amazonaws.com
match.sharethrough.com
25    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    52.0.59.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-59-237.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
53    104.107.5.93 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-5-93.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
3    63.251.86.51 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
51    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
10    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
16    23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
m.dlx.addthis.com
20    207.198.113.176 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
5    44.199.37.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-37-161.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
4    64.202.112.127 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
6    54.166.244.71 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-244-71.compute-1.amazonaws.com
sync.srv.stackadapt.com
7    34.226.161.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-161-152.compute-1.amazonaws.com
sync.ipredictive.com
8    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
uat-net.technoratimedia.com
4    107.23.24.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-24-80.compute-1.amazonaws.com
usersync.gumgum.com
7    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
6    52.0.166.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-166-156.compute-1.amazonaws.com
ad.360yield.com
35    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
9    63.251.114.182 (United States)

ASN12181 (INTERNAP-2BLK, US)
ce.lijit.com
14    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
3    18.210.194.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-194-11.compute-1.amazonaws.com
ads.yieldmo.com
2    34.198.166.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-166-14.compute-1.amazonaws.com
nep.advangelists.com
2    44.235.55.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-55-208.us-west-2.compute.amazonaws.com
www.storygize.net
8    18.214.54.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-54-11.compute-1.amazonaws.com
rtb.adentifi.com
7    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
3    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
36    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
dp1.33across.com
7    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
1    124.146.215.46 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
12    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
7    2607:f8b0:4006:80f::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
19    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
10    2607:f8b0:4006:822::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
3    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.190.65.91 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 91.65.190.35.bc.googleusercontent.com
data.cdnbasket.net
1    35.201.69.52 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 52.69.201.35.bc.googleusercontent.com
page.cdnbasket.net
1    35.201.69.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.69.201.35.bc.googleusercontent.com
view.cdnbasket.net
15    2607:f8b0:4006:80b::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    34.111.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
events.bouncex.net
13    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
38    2607:f8b0:4006:80e::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
bid.g.doubleclick.net
13    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
cdn.includemodal.com
13    54.230.161.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-161-118.ewr53.r.cloudfront.net
z-na.amazon-adsystem.com
1    34.107.191.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.191.107.34.bc.googleusercontent.com
ids.cdnwidget.com
4    35.207.10.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 239.10.207.35.bc.googleusercontent.com
ssp.behave.com
8    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    2607:f8b0:4006:80b::200e (Queens, United States)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2607:f8b0:401e:2b::9 (United States)

ASN15169 (GOOGLE, US)
r3---sn-ab5l6nzd.c.2mdn.net
11    2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
19    52.46.145.177 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
7    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
29    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
14    54.236.195.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-195-76.compute-1.amazonaws.com
match.prod.bidr.io
2    199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
12    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
23    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
widget.va.us.criteo.com
3    173.231.178.82 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
8    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    18.214.97.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-97-110.compute-1.amazonaws.com
pm.w55c.net
5    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
openx-ums.acuityplatform.com
3    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
7    104.107.15.75 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-15-75.deploy.static.akamaitechnologies.com
px.owneriq.net
6    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
36    23.111.200.118 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    204.2.255.233 (Newark, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
7    52.94.233.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
fls-na.amazon-adsystem.com
21    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
ade.googlesyndication.com
4    142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
googleads4.g.doubleclick.net
21    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    35.211.141.197 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
14    52.200.129.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-129-142.compute-1.amazonaws.com
pixel.advertising.com
4    104.18.98.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    13.225.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-90.ewr50.r.cloudfront.net
cm.smadex.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
16    54.86.196.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-196-175.compute-1.amazonaws.com
i.liadm.com
5    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
6    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    34.149.130.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.130.149.34.bc.googleusercontent.com
idr.cdnwidget.com
29    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
9    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
12    35.171.137.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-137-144.compute-1.amazonaws.com
bcp.crwdcntrl.net
6    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    3.218.13.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-13-135.compute-1.amazonaws.com
cms-xch.33across.com
2    13.225.214.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-37.ewr50.r.cloudfront.net
map.go.affec.tv
5    52.2.129.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-129-173.compute-1.amazonaws.com
sync.extend.tv
8    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
9    3.217.99.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-99-187.compute-1.amazonaws.com
dpm.demdex.net
4    3.131.9.254 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-9-254.us-east-2.compute.amazonaws.com
sync.adotmob.com
1    23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    204.2.255.232 (Newark, United States)

ASN2914 (NTT-LTD-2914, US)
oxp.mxptint.net
1    52.211.48.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-48-15.eu-west-1.compute.amazonaws.com
s.cpx.to
2    52.20.86.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-86-11.compute-1.amazonaws.com
i.w55c.net
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
3    35.244.216.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.216.244.35.bc.googleusercontent.com
openx.adhaven.com
3    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
13    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
2    3.233.247.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-247-233.compute-1.amazonaws.com
um2.eqads.com
2    72.21.81.64 (United States)

ASN15133 (EDGECAST, US)
playtime.tubemogul.com
16    54.230.162.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-25.ewr53.r.cloudfront.net
windaloop.com
5    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
acdn.adnxs-simple.com
14    68.67.179.121 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
4    2607:f8b0:4006:9::9 (Queens, United States)

ASN15169 (GOOGLE, US)
r4---sn-ab5sznze.c.2mdn.net
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
statsf-tm.everesttech.net
15    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
4    13.225.71.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-71-16.ewr53.r.cloudfront.net
ib.3lift.com
1    52.4.194.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-194-209.compute-1.amazonaws.com
d.adroll.com
1    35.211.118.13 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
14    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
4    152.199.4.100 (United States)

ASN15133 (EDGECAST, US)
reflex.imds-cdn.com
1    52.218.62.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
11    2620:100:a001::12 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
22    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
1    13.225.214.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-19.ewr50.r.cloudfront.net
cdn.mediago.io
1    2600:9000:21ea:a400:11:9be7:da80:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2cli4kgl5uxre.cloudfront.net
3    104.81.133.133 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-133-133.deploy.static.akamaitechnologies.com
ssl.connextra.com
2    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
2    172.105.232.22 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1886-22.members.linode.com
gocm.c.appier.net
2    5.161.54.172 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
6    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-1.cloudy.ovh
pixel.onaudience.com
6    54.80.152.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-152-36.compute-1.amazonaws.com
sync.crwdcntrl.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
7    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
uipus.semasio.net
4    2600:9000:21ea:6e00:1a:609a:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aa.agkn.com
2    45.35.192.162 (United States)

ASN40676 (AS40676, US)
sync.resetdigital.co
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    54.235.111.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-111-4.compute-1.amazonaws.com
io.narrative.io
1    54.230.162.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-14.ewr53.r.cloudfront.net
ads.brandcdn.com
1    54.230.162.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-71.ewr53.r.cloudfront.net
choices.truste.com
1    199.250.166.129 (United States)

ASN26459 (TTD-ASN-01, US)
vae-bid.adsrvr.org
2    152.199.5.184 (United States)

ASN15133 (EDGECAST, US)
contango-cdn.technoratimedia.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
crcdn01.adnxs-simple.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
4    13.226.26.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-26-38.ewr53.r.cloudfront.net
choices.trustarc.com
11    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
115    74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com
pix.us.criteo.net
27    74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
2    3.136.40.59 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-40-59.us-east-2.compute.amazonaws.com
vid.springserve.com
1    2600:9000:210b:2400:3:1de0:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
ad-resources.brandcdn.com
4    13.225.71.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-71-24.ewr53.r.cloudfront.net
creative.stackadapt.com
1    52.21.17.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-17-234.compute-1.amazonaws.com
srv.stackadapt.com
2    34.233.8.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-8-71.compute-1.amazonaws.com
evm2.stackadapt.com
2    13.57.144.122 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-57-144-122.us-west-1.compute.amazonaws.com
adservices.brandcdn.com
2    2600:9000:21dd:2c00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
5    63.251.28.218 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
5    3.95.145.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-145-149.compute-1.amazonaws.com
match.justpremium.com
10    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
7    13.226.26.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-26-122.ewr53.r.cloudfront.net
ads.scorecardresearch.com
6    54.227.147.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-147-124.compute-1.amazonaws.com
j.mrpdata.net
6    52.1.82.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-82-123.compute-1.amazonaws.com
vop.sundaysky.com
1    138.201.65.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.65.201.138.clients.your-server.de
sync.dmp.otm-r.com
1    193.232.148.142 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.sender.ltmse.com
px.adhigh.net
3    52.220.229.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
3    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
3    37.18.24.16 (Chelyabinsk, Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm-us.hybrid.ai
1    185.31.113.18 (Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
31    23.64.109.57 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-109-57.deploy.static.akamaitechnologies.com
gsm-adverts.betstream.betgenius.com
1    2607:f8b0:401e:29::b (United States)

ASN15169 (GOOGLE, US)
r5---sn-ab5l6nzr.c.2mdn.net
2    34.193.254.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-254-175.compute-1.amazonaws.com
tags.srv.stackadapt.com
2    18.116.233.102 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-233-102.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
1    44.200.208.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-200-208-73.compute-1.amazonaws.com
sync.hgrtb.com
2    3.127.110.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-110-139.eu-central-1.compute.amazonaws.com
sportradarserving.com
2    54.153.172.152 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-172-152.ap-southeast-2.compute.amazonaws.com
sasinator.realestate.com.au
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
18    23.52.167.40 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-40.deploy.static.akamaitechnologies.com
stackadaptdisplay515602019759.s.moatpixel.com
stackadaptdisplayhourly515602019759.s.moatpixel.com
1    52.54.188.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-188-195.compute-1.amazonaws.com
east.srv.stackadapt.com
1    35.75.69.76 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-69-76.ap-northeast-1.compute.amazonaws.com
sync-jp.im-apps.net
1    104.18.20.134 (None, )

ASN13335 (CLOUDFLARENET, US)
idsync.reson8.com
1    3.15.109.176 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-109-176.us-east-2.compute.amazonaws.com
s.thebrighttag.com
1    173.223.56.11 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-11.deploy.static.akamaitechnologies.com
sync.teads.tv
1    23.52.164.177 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-164-177.deploy.static.akamaitechnologies.com
cw.addthis.com
1    54.205.170.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-170-190.compute-1.amazonaws.com
mid.rkdms.com
1    52.73.93.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-93-37.compute-1.amazonaws.com
bpi.rtactivate.com
2    107.23.25.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-25-6.compute-1.amazonaws.com
thrtle.com
2    54.156.26.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com
ps.eyeota.net
2    2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)
navdmp.com
cdn.navdmp.com
1    2600:1f18:6593:f608:75dc:ec20:a692:551 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
5d0b6.v.fwmrm.net
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2600:1f18:1c96:4102:49f3:ecb9:1797:d45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
2    64.58.232.176 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
2    64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
1    34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com
cm.t.tailtarget.com
2    2600:9000:21da:3400:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    54.86.107.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-107-88.compute-1.amazonaws.com
moveinc.demdex.net
3    69.173.151.67 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-nf.rubiconproject.com
4    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
2    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
1    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
2    184.51.146.146 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-146-146.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net
mae7skvygojjeyrujuhq-pnblkx-aa4ddf5f7-clientnsv4-s.akamaihd.net
2    2600:141b:13::17d7:82da (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
trial-eum-clienttons-s.akamaihd.net
eybp7saaaiaqijqacqnqaeyaabrditin-pnblkx-889d4ed95-clienttons-s.akamaihd.net
3    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    2602:803:c002:200::44 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-iad2.rubiconproject.com
1    18.204.190.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-190-178.compute-1.amazonaws.com
post.update.rubiconproject.com
1    34.192.138.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-138-137.compute-1.amazonaws.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
2    213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
2    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
11    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
1    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    54.164.126.90 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-126-90.compute-1.amazonaws.com
ads.avct.cloud
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    2607:f8b0:4006:823::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.214.50.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-50-46.compute-1.amazonaws.com
sync.springserve.com
Apex Domain
Subdomains		 Transfer
251 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
pix.us.criteo.net — Cisco Umbrella Rank: 1949
csm.us.criteo.net — Cisco Umbrella Rank: 1926
4 MB
156 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
prebid.adnxs.com — Cisco Umbrella Rank: 1374
secure.adnxs.com — Cisco Umbrella Rank: 359
acdn.adnxs.com — Cisco Umbrella Rank: 523
cdn.adnxs.com — Cisco Umbrella Rank: 1232
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1225
698 KB
148 openx.net
mailonline-us-d.openx.net — Cisco Umbrella Rank: 19370
oajs.openx.net — Cisco Umbrella Rank: 8291
google-bidout-d.openx.net — Cisco Umbrella Rank: 6922
us-u.openx.net — Cisco Umbrella Rank: 323
u.openx.net — Cisco Umbrella Rank: 621
rtb.openx.net — Cisco Umbrella Rank: 1359
eu-u.openx.net — Cisco Umbrella Rank: 1751
adpone-d.openx.net — Cisco Umbrella Rank: 18192
26 KB
142 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 263
d16c6244c2ad75e061f5544670defd81.safeframe.googlesyndication.com
6f34471c3a779622f9cd63d182eff7ca.safeframe.googlesyndication.com
538e59019275b34e753138c74e138fba.safeframe.googlesyndication.com
898 KB
142 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
ad.doubleclick.net — Cisco Umbrella Rank: 181
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
bid.g.doubleclick.net — Cisco Umbrella Rank: 468
pubads.g.doubleclick.net — Cisco Umbrella Rank: 494
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
1 MB
138 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 971
trc.taboola.com — Cisco Umbrella Rank: 562
15.taboola.com — Cisco Umbrella Rank: 1773
ch-trc-events.taboola.com — Cisco Umbrella Rank: 5402
images.taboola.com — Cisco Umbrella Rank: 1507
vidstat.taboola.com — Cisco Umbrella Rank: 1762
trc-events.taboola.com — Cisco Umbrella Rank: 1670
imprnjmp.taboola.com — Cisco Umbrella Rank: 3450
us-match.taboola.com — Cisco Umbrella Rank: 3818
wf.taboola.com — Cisco Umbrella Rank: 2168
us-vid-events.taboola.com — Cisco Umbrella Rank: 3576
imprchmp.taboola.com — Cisco Umbrella Rank: 3829
ch-match.taboola.com — Cisco Umbrella Rank: 4156
ch-vid-events.taboola.com — Cisco Umbrella Rank: 3886
sync-t1.taboola.com — Cisco Umbrella Rank: 1233
sync.taboola.com — Cisco Umbrella Rank: 724
pips.taboola.com — Cisco Umbrella Rank: 1686
cds.taboola.com — Cisco Umbrella Rank: 997
us-wf.taboola.com — Cisco Umbrella Rank: 3945
match.taboola.com — Cisco Umbrella Rank: 1843
793 KB
122 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 689
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
dis.criteo.com — Cisco Umbrella Rank: 617
ads.us.criteo.com — Cisco Umbrella Rank: 1860
cat.va.us.criteo.com — Cisco Umbrella Rank: 2549
widget.va.us.criteo.com — Cisco Umbrella Rank: 4035
674 KB
114 dailymail.co.uk
www.dailymail.co.uk — Cisco Umbrella Rank: 8957
i.dailymail.co.uk — Cisco Umbrella Rank: 7169
scripts.dailymail.co.uk — Cisco Umbrella Rank: 12812
ted.dailymail.co.uk — Cisco Umbrella Rank: 9066
t.dailymail.co.uk — Cisco Umbrella Rank: 9227
secured.dailymail.co.uk — Cisco Umbrella Rank: 16948
fff.dailymail.co.uk — Cisco Umbrella Rank: 17554
video.dailymail.co.uk — Cisco Umbrella Rank: 12895
crta.dailymail.co.uk — Cisco Umbrella Rank: 12158
4 MB
106 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417
image6.pubmatic.com — Cisco Umbrella Rank: 571
aud.pubmatic.com — Cisco Umbrella Rank: 3687
ads.pubmatic.com — Cisco Umbrella Rank: 419
simage2.pubmatic.com — Cisco Umbrella Rank: 554
image2.pubmatic.com — Cisco Umbrella Rank: 774
image4.pubmatic.com — Cisco Umbrella Rank: 765
simage4.pubmatic.com — Cisco Umbrella Rank: 1012
image8.pubmatic.com — Cisco Umbrella Rank: 570
307 KB
105 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 953
eus.rubiconproject.com — Cisco Umbrella Rank: 503
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 944
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
token.rubiconproject.com — Cisco Umbrella Rank: 595
beacon-nf.rubiconproject.com — Cisco Umbrella Rank: 2533
beacon-iad2.rubiconproject.com — Cisco Umbrella Rank: 1508
post.update.rubiconproject.com — Cisco Umbrella Rank: 3812
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2193
326 KB
87 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 409
js-sec.casalemedia.com — Cisco Umbrella Rank: 15649
as-sec.casalemedia.com — Cisco Umbrella Rank: 1068
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
dsum.casalemedia.com — Cisco Umbrella Rank: 1197
ssum.casalemedia.com — Cisco Umbrella Rank: 1229
r.casalemedia.com Failed
133 KB
81 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 6100
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 842
fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 5769
aax.amazon-adsystem.com — Cisco Umbrella Rank: 848
225 KB
74 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1316
ssc-cms.33across.com — Cisco Umbrella Rank: 807
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 1463
cms-xch.33across.com — Cisco Umbrella Rank: 2803
dp1.33across.com — Cisco Umbrella Rank: 4170
98 KB
72 moatads.com
z.moatads.com — Cisco Umbrella Rank: 329
mb.moatads.com — Cisco Umbrella Rank: 587
geo.moatads.com — Cisco Umbrella Rank: 553
px.moatads.com — Cisco Umbrella Rank: 392
482 KB
62 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 512
eb2.3lift.com — Cisco Umbrella Rank: 346
ib.3lift.com — Cisco Umbrella Rank: 1006
115 KB
51 gstatic.com
csi.gstatic.com
fonts.gstatic.com
725 KB
41 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 682
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
ads.yahoo.com — Cisco Umbrella Rank: 816
sp.analytics.yahoo.com Failed
cms.analytics.yahoo.com — Cisco Umbrella Rank: 777
22 KB
38 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
r.bidswitch.net — Cisco Umbrella Rank: 5811
15 KB
37 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1509
cache.betweendigital.com — Cisco Umbrella Rank: 17967
11 KB
37 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1227
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6983
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 603
sync.smartadserver.com — Cisco Umbrella Rank: 1358
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2242
38 KB
34 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
asf-tm.everesttech.net — Cisco Umbrella Rank: 8180
statsf-tm.everesttech.net — Cisco Umbrella Rank: 2973
rtd-tm.everesttech.net — Cisco Umbrella Rank: 1825
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net — Cisco Umbrella Rank: 4418
playtime-tm.everesttech.net — Cisco Umbrella Rank: 9096
14 KB
33 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
vae-bid.adsrvr.org — Cisco Umbrella Rank: 1814
17 KB
31 betgenius.com
gsm-adverts.betstream.betgenius.com — Cisco Umbrella Rank: 14291
583 KB
29 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1169
sync.1rx.io — Cisco Umbrella Rank: 491
14 KB
29 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
7 KB
28 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 399
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 MB
25 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 839
pixel.quantserve.com — Cisco Umbrella Rank: 381
cms.quantserve.com — Cisco Umbrella Rank: 929
16 KB
22 kargo.com
storage.cloud.kargo.com — Cisco Umbrella Rank: 6456
klkstrm.kargo.com — Cisco Umbrella Rank: 17988
krk.kargo.com — Cisco Umbrella Rank: 2300
crb.kargo.com — Cisco Umbrella Rank: 1756
21 KB
21 adform.net
c1.adform.net — Cisco Umbrella Rank: 524
adx.adform.net — Cisco Umbrella Rank: 4064
dmp.adform.net — Cisco Umbrella Rank: 2334
11 KB
21 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 387
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
16 KB
21 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
gcdn.2mdn.net — Cisco Umbrella Rank: 924
r3---sn-ab5l6nzd.c.2mdn.net — Cisco Umbrella Rank: 55412
r4---sn-ab5sznze.c.2mdn.net
r5---sn-ab5l6nzr.c.2mdn.net — Cisco Umbrella Rank: 72902
8 MB
20 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 557
14 KB
20 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 991
usersync.gumgum.com — Cisco Umbrella Rank: 4784
6 KB
20 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
618 KB
19 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 365
tapestry.tapad.com — Cisco Umbrella Rank: 1011
7 KB
18 moatpixel.com
stackadaptdisplay515602019759.s.moatpixel.com — Cisco Umbrella Rank: 5235
stackadaptdisplayhourly515602019759.s.moatpixel.com — Cisco Umbrella Rank: 5231
4 KB
18 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 691
sync.crwdcntrl.net — Cisco Umbrella Rank: 628
6 KB
18 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4618
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2572
casale-match.dotomi.com — Cisco Umbrella Rank: 2423
openx2-match.dotomi.com — Cisco Umbrella Rank: 3717
triplelift-match.dotomi.com — Cisco Umbrella Rank: 3096
tubemogul-sync.dotomi.com — Cisco Umbrella Rank: 4656
prebid-match.dotomi.com — Cisco Umbrella Rank: 2403
6 KB
18 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1091
pixel.advertising.com — Cisco Umbrella Rank: 307
4 KB
18 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
10 KB
18 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 989
match.sharethrough.com — Cisco Umbrella Rank: 559
10 KB
16 windaloop.com
windaloop.com
51 KB
16 liadm.com
i.liadm.com — Cisco Umbrella Rank: 467
8 KB
16 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 781
creative.stackadapt.com — Cisco Umbrella Rank: 100208
srv.stackadapt.com — Cisco Umbrella Rank: 678
evm2.stackadapt.com — Cisco Umbrella Rank: 4701
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3237
east.srv.stackadapt.com — Cisco Umbrella Rank: 6614
11 KB
15 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 21124
2 MB
14 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 462
5 KB
14 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 517
8 KB
13 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 908
2 KB
13 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 1611
1 KB
13 includemodal.com
cdn.includemodal.com — Cisco Umbrella Rank: 22741
321 KB
13 tremorhub.com
m7hdh-2damu.ads.tremorhub.com — Cisco Umbrella Rank: 21233
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3085
partners.tremorhub.com — Cisco Umbrella Rank: 940
5 KB
13 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 713
idsync.rlcdn.com — Cisco Umbrella Rank: 281
id.rlcdn.com — Cisco Umbrella Rank: 565
2 KB
12 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1112
8 KB
12 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
7 KB
12 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
ce.lijit.com — Cisco Umbrella Rank: 734
16 KB
12 dmgmediaprivacy.co.uk
cmp.dmgmediaprivacy.co.uk — Cisco Umbrella Rank: 12541
162 KB
11 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 797
5 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
55 KB
11 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 9209
6 KB
11 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 437
tags.bluekai.com — Cisco Umbrella Rank: 404
10 KB
11 turn.com
ad.turn.com — Cisco Umbrella Rank: 690
d.turn.com — Cisco Umbrella Rank: 652
5 KB
11 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2147
api.permutive.com — Cisco Umbrella Rank: 1691
googlesync.permutive.com — Cisco Umbrella Rank: 7350
3 KB
10 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1753
2 KB
10 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
moveinc.demdex.net — Cisco Umbrella Rank: 8391
9 KB
10 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1024
contango-cdn.technoratimedia.com — Cisco Umbrella Rank: 12242
uat-net.technoratimedia.com — Cisco Umbrella Rank: 1793
12 KB
10 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 528
6 KB
9 bttrack.com
bttrack.com — Cisco Umbrella Rank: 659
6 KB
9 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 488 Failed
cdn.id5-sync.com — Cisco Umbrella Rank: 1490
32 KB
9 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 604
24 KB
8 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1624
2 KB
8 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 697
s.tribalfusion.com — Cisco Umbrella Rank: 1995
5 KB
8 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 744
2 KB
8 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 956
369 B
8 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1120
3 KB
7 scorecardresearch.com
ads.scorecardresearch.com — Cisco Umbrella Rank: 1731
3 KB
7 springserve.com
vid.springserve.com — Cisco Umbrella Rank: 5463
vpaid.springserve.com — Cisco Umbrella Rank: 7286
vid-io-cle.springserve.com — Cisco Umbrella Rank: 6151
sync.springserve.com — Cisco Umbrella Rank: 2414
177 KB
7 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1090
uipus.semasio.net — Cisco Umbrella Rank: 4002
5 KB
7 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 825
5 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
139 KB
7 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1136
hde.tynt.com — Cisco Umbrella Rank: 3860
20 KB
7 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 614
2 KB
7 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 813
2 KB
7 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 880
3 KB
7 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
3 KB
7 anm.co.uk
hulkprod.anm.co.uk — Cisco Umbrella Rank: 8398
27 KB
6 addthis.com
m.dlx.addthis.com — Cisco Umbrella Rank: 2559
cw.addthis.com — Cisco Umbrella Rank: 1130
1 KB
6 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2285
3 KB
6 mrpdata.net
j.mrpdata.net — Cisco Umbrella Rank: 2819
4 KB
6 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 393
d.agkn.com — Cisco Umbrella Rank: 492
4 KB
6 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1868
3 KB
6 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 631
5 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
i.w55c.net — Cisco Umbrella Rank: 1419
4 KB
6 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 630
1 KB
6 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 806
789 B
6 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 1725
tag.bounceexchange.com — Cisco Umbrella Rank: 1907
api.bounceexchange.com — Cisco Umbrella Rank: 2211
142 KB
6 newzit.com
www.newzit.com — Cisco Umbrella Rank: 10473
rta2.newzit.com — Cisco Umbrella Rank: 11400
7 KB
5 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 794
ib.mookie1.com — Cisco Umbrella Rank: 1553
4 KB
5 justpremium.com
match.justpremium.com — Cisco Umbrella Rank: 2600
2 KB
5 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 626 Failed
2 KB
5 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1459
3 KB
5 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 970
openx-ums.acuityplatform.com — Cisco Umbrella Rank: 4482
3 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 434
2 KB
5 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1190
2 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 4434
ads.yieldmo.com — Cisco Umbrella Rank: 611
sync-pp.ads.yieldmo.com — Cisco Umbrella Rank: 9074
sync-criteo.ads.yieldmo.com Failed
3 KB
5 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 698
3 KB
5 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 975
beacon.krxd.net — Cisco Umbrella Rank: 375
1 KB
5 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 7827
39 KB
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1823
mae7skvygojjeyrujuhq-pnblkx-aa4ddf5f7-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1820
eybp7saaaiaqijqacqnqaeyaabrditin-pnblkx-889d4ed95-clienttons-s.akamaihd.net
1 KB
4 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 2702
2 KB
4 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 658
3 KB
4 brandcdn.com
ads.brandcdn.com — Cisco Umbrella Rank: 22275
ad-resources.brandcdn.com — Cisco Umbrella Rank: 23563
adservices.brandcdn.com — Cisco Umbrella Rank: 12162
121 KB
4 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3310
2 KB
4 imds-cdn.com
reflex.imds-cdn.com
185 KB
4 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1385
2 KB
4 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 499
763 B
4 behave.com
ssp.behave.com — Cisco Umbrella Rank: 2357
2 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 720
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
4 dotmetrics.net
uk-script.dotmetrics.net — Cisco Umbrella Rank: 5272
40 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
92 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 843
2 KB
3 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1032
1 KB
3 hybrid.ai
dm-us.hybrid.ai — Cisco Umbrella Rank: 4766
1 KB
3 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 30810
3 connextra.com
ssl.connextra.com — Cisco Umbrella Rank: 9319
4 KB
3 mediago.io
cdn.mediago.io — Cisco Umbrella Rank: 11569
trace.mediago.io — Cisco Umbrella Rank: 2017
2 KB
3 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2593
411 B
3 adhaven.com
openx.adhaven.com — Cisco Umbrella Rank: 4875
658 B
3 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 3834
900 B
3 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 3751
oxp.mxptint.net — Cisco Umbrella Rank: 3961
1 KB
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1498
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1282
2 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 5608
page.cdnbasket.net — Cisco Umbrella Rank: 5607
view.cdnbasket.net — Cisco Umbrella Rank: 5606
1 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 950
4 KB
3 districtm.io
cdn.districtm.io — Cisco Umbrella Rank: 1598
2 KB
3 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2486
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3039
2 KB
3 iris.tv
ovp.iris.tv — Cisco Umbrella Rank: 10847
context.iris.tv — Cisco Umbrella Rank: 10432
6 KB
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2490
674 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2494
890 B
2 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 2218
1 KB
2 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 9999
706 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 13774
1 KB
2 adsniper.ru
sync3.adsniper.ru — Cisco Umbrella Rank: 11692
1 KB
2 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1360
919 B
2 navdmp.com
navdmp.com — Cisco Umbrella Rank: 3370
cdn.navdmp.com — Cisco Umbrella Rank: 4193
320 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 899
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1109
759 B
2 realestate.com.au
sasinator.realestate.com.au — Cisco Umbrella Rank: 3554
1 KB
2 sportradarserving.com
sportradarserving.com — Cisco Umbrella Rank: 2125
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1247
15 B
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 1930
643 B
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1469
mwzeom.zeotap.com — Cisco Umbrella Rank: 1307
226 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2130
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3095
682 B
2 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 1991
970 B
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 4909
556 B
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5353
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 1880
787 B
2 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2477
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3298
93 KB
2 tubemogul.com
playtime.tubemogul.com — Cisco Umbrella Rank: 3972
19 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 2981
563 B
2 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 4003
1 KB
2 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 2697
365 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 193
951 B
2 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 4389
idr.cdnwidget.com — Cisco Umbrella Rank: 4865
1 KB
2 storygize.net
www.storygize.net — Cisco Umbrella Rank: 1615
758 B
2 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 1943
443 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 663
856 B
2 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 5018
1 KB
2 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 3832
mid.rkdms.com — Cisco Umbrella Rank: 945
689 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1118
criteo-sync.teads.tv Failed
sync.teads.tv — Cisco Umbrella Rank: 870
538 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
481 B
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3104
26 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 941
api.btloader.com — Cisco Umbrella Rank: 1110
5 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1140
c.go-mpulse.net — Cisco Umbrella Rank: 545
51 KB
2 mimecast.com
protect-us.mimecast.com — Cisco Umbrella Rank: 8294
2 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 4149
410 B
1 akstat.io
173bf10e.akstat.io — Cisco Umbrella Rank: 15691
205 B
1 sniperlog.ru
sync3.sniperlog.ru — Cisco Umbrella Rank: 32357
516 B
1 tailtarget.com
cm.t.tailtarget.com — Cisco Umbrella Rank: 5042
466 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 464
353 B
1 fwmrm.net
5d0b6.v.fwmrm.net — Cisco Umbrella Rank: 4137
411 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1667
109 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1322
780 B
1 reson8.com
idsync.reson8.com — Cisco Umbrella Rank: 1698
489 B
1 im-apps.net
sync-jp.im-apps.net — Cisco Umbrella Rank: 2566
203 B
1 hgrtb.com
sync.hgrtb.com — Cisco Umbrella Rank: 1641
259 B
1 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11171
78 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 20303
69 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
413 B
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 647
18 KB
1 cloudfront.net
d2cli4kgl5uxre.cloudfront.net
87 KB
1 amazonaws.com
s3-eu-west-1.amazonaws.com
26 KB
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1742
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1396
112 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2365
580 B
1 cpx.to
s.cpx.to — Cisco Umbrella Rank: 1700
878 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 469
626 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 2720
530 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1283
821 B
1 undertone.com
usr.undertone.com — Cisco Umbrella Rank: 3056
575 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
17 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3978
visitor.omnitagjs.com Failed
818 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
1 KB
1 permutive.app
5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app — Cisco Umbrella Rank: 13650
124 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 792
4 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1128
1019 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
3 KB
1 admantx.com
euasync01.admantx.com — Cisco Umbrella Rank: 16845
1 KB
0 angsrvr.com Failed
sy.eu.angsrvr.com Failed
0 ru4.com Failed
msec.xp1.ru4.com Failed
0 adbrn.com Failed
sp.adbrn.com Failed
0 vdopia.com Failed
cs.vdopia.com Failed
0 adobe.com Failed
adtag.primetime.adobe.com Failed
0 dmxleo.com Failed
public-prod-dspcookiematching.dmxleo.com Failed
0 mediavine.com Failed
exchange.mediavine.com Failed
0 ivitrack.com Failed
matching.ivitrack.com Failed
2832 217
Domain Requested by
115 pix.us.criteo.net ads.us.criteo.com
www.dailymail.co.uk
109 static.criteo.net securepubads.g.doubleclick.net
www.dailymail.co.uk
ads.us.criteo.com
hb.adpone.com
static.criteo.net
101 us-u.openx.net 13 redirects google-bidout-d.openx.net
www.dailymail.co.uk
us-u.openx.net
u.openx.net
de.tynt.com
srcdoc
hb.adpone.com
ch-match.taboola.com
91 ib.adnxs.com 20 redirects 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
www.dailymail.co.uk
sync-amz.ads.yieldmo.com
eb2.3lift.com
acdn.adnxs.com
hb.adpone.com
66 pagead2.googlesyndication.com srcdoc
www.googletagservices.com
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.dailymail.co.uk
securepubads.g.doubleclick.net
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
ad.doubleclick.net
62 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
www.dailymail.co.uk
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
windaloop.com
56 sync.taboola.com 4 redirects imprchmp.taboola.com
srcdoc
ssum.casalemedia.com
ssum-sec.casalemedia.com
ads.pubmatic.com
53 i.dailymail.co.uk www.dailymail.co.uk
51 eb2.3lift.com 6 redirects www.dailymail.co.uk
eb2.3lift.com
aax-us-east.amazon-adsystem.com
ads.us.criteo.com
widget.va.us.criteo.com
ib.3lift.com
50 cm.g.doubleclick.net 43 redirects google-bidout-d.openx.net
rtb.gumgum.com
eus.rubiconproject.com
eb2.3lift.com
www.dailymail.co.uk
onetag-sys.com
48 px.moatads.com d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
www.dailymail.co.uk
googleads.g.doubleclick.net
46 eus.rubiconproject.com s.amazon-adsystem.com
ch-match.taboola.com
rtb.gumgum.com
eus.rubiconproject.com
www.dailymail.co.uk
srcdoc
hb.adpone.com
cache.betweendigital.com
45 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
www.dailymail.co.uk
um2.eqads.com
ssum.casalemedia.com
45 tpc.googlesyndication.com d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
www.dailymail.co.uk
imasdk.googleapis.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
pagead2.googlesyndication.com
38 fonts.gstatic.com fonts.googleapis.com
37 x.bidswitch.net 29 redirects ch-match.taboola.com
imprchmp.taboola.com
srcdoc
www.dailymail.co.uk
ads.us.criteo.com
widget.va.us.criteo.com
36 ads.betweendigital.com 4 redirects hb.adpone.com
ads.betweendigital.com
eus.rubiconproject.com
onetag-sys.com
35 ssc-cms.33across.com 35 redirects
33 www.dailymail.co.uk 2 redirects www.dailymail.co.uk
32 match.adsrvr.org 23 redirects js-sec.indexww.com
ch-match.taboola.com
imprchmp.taboola.com
srcdoc
eus.rubiconproject.com
www.dailymail.co.uk
31 gsm-adverts.betstream.betgenius.com ssl.connextra.com
gsm-adverts.betstream.betgenius.com
31 gum.criteo.com 15 redirects static.criteo.net
secure.adnxs.com
29 cms-xch-chicago.33across.com de.tynt.com
us-u.openx.net
29 simage2.pubmatic.com 2 redirects ads.pubmatic.com
www.dailymail.co.uk
ads.us.criteo.com
widget.va.us.criteo.com
28 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
rtb.gumgum.com
sync-amz.ads.yieldmo.com
sync.bfmio.com
ap.lijit.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
eb2.3lift.com
us-u.openx.net
27 csm.us.criteo.net ads.us.criteo.com
26 prg.smartadserver.com www.dailymail.co.uk
hb.adpone.com
25 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
assets.bounceexchange.com
ads.pubmatic.com
www.dailymail.co.uk
hb.adpone.com
srcdoc
23 sync.1rx.io 20 redirects srcdoc
23 hbopenbid.pubmatic.com www.dailymail.co.uk
hb.adpone.com
22 cat.va.us.criteo.com windaloop.com
ads.us.criteo.com
21 acdn.adnxs.com www.dailymail.co.uk
secure.adnxs.com
hb.adpone.com
windaloop.com
21 ade.googlesyndication.com www.dailymail.co.uk
20 pixel-sync.sitescout.com 20 redirects
20 pixel.quantserve.com 5 redirects www.dailymail.co.uk
securepubads.g.doubleclick.net
20 bidder.criteo.com www.dailymail.co.uk
hb.adpone.com
20 www.googletagservices.com www.dailymail.co.uk
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
19 ups.analytics.yahoo.com 13 redirects www.dailymail.co.uk
us-u.openx.net
ads.us.criteo.com
widget.va.us.criteo.com
19 z.moatads.com www.dailymail.co.uk
z.moatads.com
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
hb.adpone.com
googleads.g.doubleclick.net
18 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
c.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
www.dailymail.co.uk
18 sync.mathtag.com 18 redirects
18 pixel.tapad.com 16 redirects us-u.openx.net
www.dailymail.co.uk
17 sync.search.spotxchange.com 13 redirects www.dailymail.co.uk
www.googletagmanager.com
17 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
17 fastlane.rubiconproject.com www.dailymail.co.uk
hb.adpone.com
16 windaloop.com www.dailymail.co.uk
windaloop.com
16 i.liadm.com 12 redirects us-u.openx.net
u.openx.net
ads.us.criteo.com
widget.va.us.criteo.com
www.dailymail.co.uk
16 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
www.dailymail.co.uk
16 crb.kargo.com storage.cloud.kargo.com
crb.kargo.com
www.dailymail.co.uk
15 hb.adpone.com windaloop.com
15 fonts.googleapis.com d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
cdnjs.cloudflare.com
s0.2mdn.net
15 mug.criteo.com www.dailymail.co.uk
14 adx.adform.net hb.adpone.com
14 adpone-d.openx.net hb.adpone.com
14 statsf-tm.everesttech.net playtime.tubemogul.com
www.dailymail.co.uk
14 nym1-ib.adnxs.com www.dailymail.co.uk
cdn.adnxs.com
hb.adpone.com
acdn.adnxs-simple.com
14 pixel.advertising.com 7 redirects ads.us.criteo.com
widget.va.us.criteo.com
onetag-sys.com
srcdoc
14 match.prod.bidr.io 14 redirects
14 pixel.rubiconproject.com eus.rubiconproject.com
www.dailymail.co.uk
onetag-sys.com
14 bh.contextweb.com 14 redirects
14 ssum-sec.casalemedia.com 5 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
srcdoc
ssum.casalemedia.com
14 secure.adnxs.com 9 redirects www.dailymail.co.uk
securepubads.g.doubleclick.net
de.tynt.com
secure.adnxs.com
13 csync.loopme.me 10 redirects us-u.openx.net
13 events.bouncex.net www.dailymail.co.uk
13 z-na.amazon-adsystem.com securepubads.g.doubleclick.net
13 cdn.includemodal.com securepubads.g.doubleclick.net
13 csi.gstatic.com imasdk.googleapis.com
13 pr-bh.ybp.yahoo.com 7 redirects google-bidout-d.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
13 imasdk.googleapis.com www.dailymail.co.uk
imasdk.googleapis.com
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
12 bcp.crwdcntrl.net 11 redirects www.dailymail.co.uk
12 dis.criteo.com 1 redirects ads.us.criteo.com
12 image2.pubmatic.com ads.pubmatic.com
12 gu.dyntrk.com 12 redirects
12 sync.targeting.unrulymedia.com 9 redirects us-u.openx.net
12 prebid.adnxs.com www.dailymail.co.uk
12 www.google.com 1 redirects www.dailymail.co.uk
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 cdn.taboola.com www.dailymail.co.uk
cdn.taboola.com
12 cmp.dmgmediaprivacy.co.uk www.dailymail.co.uk
cmp.dmgmediaprivacy.co.uk
11 onetag-sys.com 1 redirects cache.betweendigital.com
onetag-sys.com
11 cdnjs.cloudflare.com ads.us.criteo.com
11 widget.va.us.criteo.com ads.us.criteo.com
11 ads.us.criteo.com hb.adpone.com
11 eu-u.openx.net us-u.openx.net
11 analyticssystems.net www.dailymail.co.uk
11 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
ads.us.criteo.com
widget.va.us.criteo.com
us-u.openx.net
www.dailymail.co.uk
11 sync-tm.everesttech.net 10 redirects www.dailymail.co.uk
11 c.amazon-adsystem.com www.dailymail.co.uk
c.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
10 ad.mrtnsvr.com 10 redirects
10 googleads.g.doubleclick.net 1 redirects www.dailymail.co.uk
pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 b1sync.zemanta.com 10 redirects
10 sync-t1.taboola.com ch-match.taboola.com
imprchmp.taboola.com
srcdoc
ads.us.criteo.com
widget.va.us.criteo.com
10 js-sec.casalemedia.com securepubads.g.doubleclick.net
js-sec.casalemedia.com
10 s0.2mdn.net imasdk.googleapis.com
ad.doubleclick.net
s0.2mdn.net
www.dailymail.co.uk
9 stackadaptdisplayhourly515602019759.s.moatpixel.com googleads.g.doubleclick.net
9 stackadaptdisplay515602019759.s.moatpixel.com googleads.g.doubleclick.net
9 dpm.demdex.net 3 redirects ssum-sec.casalemedia.com
us-u.openx.net
ssum.casalemedia.com
www.dailymail.co.uk
9 bttrack.com 9 redirects
9 pubads.g.doubleclick.net imasdk.googleapis.com
www.dailymail.co.uk
9 crta.dailymail.co.uk www.dailymail.co.uk
9 ce.lijit.com rtb.gumgum.com
ap.lijit.com
us-u.openx.net
9 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
9 prebid-server.rubiconproject.com www.dailymail.co.uk
imasdk.googleapis.com
9 api.permutive.com 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
9 trc.taboola.com 2 redirects cdn.taboola.com
www.dailymail.co.uk
srcdoc
9 js-sec.indexww.com www.dailymail.co.uk
ssum-sec.casalemedia.com
8 dmp.brand-display.com 8 redirects
8 u.openx.net www.dailymail.co.uk
us-u.openx.net
8 rtb.mfadsrvr.com 8 redirects
8 rtb.adentifi.com sync.bfmio.com
ads.pubmatic.com
us-u.openx.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
eb2.3lift.com
8 sync.bfmio.com s.amazon-adsystem.com
sync.bfmio.com
srcdoc
8 images.taboola.com www.dailymail.co.uk
8 ssc.33across.com www.dailymail.co.uk
7 ads.scorecardresearch.com 3 redirects us-u.openx.net
www.dailymail.co.uk
7 fls-na.amazon-adsystem.com www.dailymail.co.uk
7 px.owneriq.net 7 redirects
7 a.tribalfusion.com 7 redirects
7 cdn.ampproject.org securepubads.g.doubleclick.net
cdn.ampproject.org
7 dsum.casalemedia.com ssum-sec.casalemedia.com
ssum.casalemedia.com
7 creativecdn.com 7 redirects
7 match.deepintent.com 5 redirects rtb.gumgum.com
us-u.openx.net
7 sync.ipredictive.com 7 redirects
7 secure-assets.rubiconproject.com 7 redirects
7 um.simpli.fi 7 redirects
7 image6.pubmatic.com 2 redirects ads.pubmatic.com
7 idsync.rlcdn.com 4 redirects ads.pubmatic.com
us-u.openx.net
www.dailymail.co.uk
7 c2shb.ssp.yahoo.com www.dailymail.co.uk
7 tlx.3lift.com www.dailymail.co.uk
aax-us-east.amazon-adsystem.com
7 btlr.sharethrough.com www.dailymail.co.uk
7 id5-sync.com www.dailymail.co.uk
cdn.id5-sync.com
srcdoc
7 hulkprod.anm.co.uk www.dailymail.co.uk
hulkprod.anm.co.uk
6 rtd-tm.everesttech.net 2 redirects www.dailymail.co.uk
srcdoc
6 vop.sundaysky.com 6 redirects
6 j.mrpdata.net 6 redirects
6 uipglob.semasio.net 3 redirects www.dailymail.co.uk
6 sync.crwdcntrl.net 2 redirects www.dailymail.co.uk
ssum-sec.casalemedia.com
ssum.casalemedia.com
6 pixel.onaudience.com 6 redirects
6 openx2-match.dotomi.com 6 redirects
6 p.rfihub.com 5 redirects www.dailymail.co.uk
6 rtb.openx.net 3 redirects us-u.openx.net
u.openx.net
6 c1.adform.net 5 redirects ads.pubmatic.com
6 de.tynt.com 1 redirects www.dailymail.co.uk
6 ad.360yield.com 5 redirects ads.us.criteo.com
widget.va.us.criteo.com
www.dailymail.co.uk
6 sync.technoratimedia.com 6 redirects
6 sync.srv.stackadapt.com 6 redirects
6 stags.bluekai.com 5 redirects www.dailymail.co.uk
6 ad.turn.com 6 redirects
6 cs.emxdgt.com 6 redirects
6 taboola-supply-partners.tremorhub.com ch-match.taboola.com
imprchmp.taboola.com
srcdoc
6 m7hdh-2damu.ads.tremorhub.com 2 redirects www.dailymail.co.uk
6 htlb.casalemedia.com www.dailymail.co.uk
6 mailonline-us-d.openx.net www.dailymail.co.uk
6 tag.1rx.io www.dailymail.co.uk
5 m.dlx.addthis.com googleads.g.doubleclick.net
5 match.justpremium.com us-u.openx.net
5 ads.stickyadstv.com ads.us.criteo.com
widget.va.us.criteo.com
us-u.openx.net
5 match.taboola.com ads.pubmatic.com
srcdoc
5 us-wf.taboola.com vidstat.taboola.com
5 sync.extend.tv 5 redirects
5 tags.bluekai.com 3 redirects www.dailymail.co.uk
5 d.turn.com 4 redirects www.dailymail.co.uk
5 id.rlcdn.com 2 redirects us-u.openx.net
u.openx.net
5 px.ads.linkedin.com 4 redirects eus.rubiconproject.com
5 token.rubiconproject.com 5 redirects
5 beacon.lynx.cognitivlabs.com 4 redirects ads.pubmatic.com
5 s.ad.smaato.net 5 redirects ads.us.criteo.com
widget.va.us.criteo.com
5 ch-trc-events.taboola.com www.dailymail.co.uk
cdn.taboola.com
5 oa.openxcdn.net securepubads.g.doubleclick.net
4 sync.bumlam.com 4 redirects
4 creative.stackadapt.com googleads.g.doubleclick.net
4 choices.trustarc.com aax-us-east.amazon-adsystem.com
www.dailymail.co.uk
choices.truste.com
4 aa.agkn.com 2 redirects www.dailymail.co.uk
ads.pubmatic.com
4 visitor.fiftyt.com 4 redirects
4 reflex.imds-cdn.com vidstat.taboola.com
4 ib.3lift.com aax-us-east.amazon-adsystem.com
ib.3lift.com
4 r4---sn-ab5sznze.c.2mdn.net www.dailymail.co.uk
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
4 cdn.adnxs.com secure.adnxs.com
hb.adpone.com
4 simage4.pubmatic.com ads.pubmatic.com
4 sync.adotmob.com 4 redirects
4 p.adsymptotic.com 1 redirects eb2.3lift.com
de.tynt.com
4 googleads4.g.doubleclick.net www.dailymail.co.uk
ad.doubleclick.net
4 pm.w55c.net 4 redirects
4 gcdn.2mdn.net 4 redirects
4 ssp.behave.com 2 redirects www.dailymail.co.uk
4 ssbsync.smartadserver.com 1 redirects srcdoc
4 usersync.gumgum.com rtb.gumgum.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
ads.us.criteo.com
widget.va.us.criteo.com
4 assets.bounceexchange.com securepubads.g.doubleclick.net
tag.bounceexchange.com
assets.bounceexchange.com
4 cms.quantserve.com 4 redirects
4 trc-events.taboola.com cdn.taboola.com
4 search.spotxchange.com www.dailymail.co.uk
4 ads.adaptv.advertising.com www.dailymail.co.uk
4 www.newzit.com scripts.dailymail.co.uk
www.newzit.com
4 www.google-analytics.com www.dailymail.co.uk
4 t.dailymail.co.uk www.dailymail.co.uk
4 ted.dailymail.co.uk www.dailymail.co.uk
4 uk-script.dotmetrics.net www.dailymail.co.uk
uk-script.dotmetrics.net
4 scripts.dailymail.co.uk www.dailymail.co.uk
3 www.googletagmanager.com srcdoc
3 sync.go.sonobi.com 3 redirects
3 beacon-nf.rubiconproject.com www.dailymail.co.uk
3 sync.tidaltv.com 2 redirects www.dailymail.co.uk
3 odr.mookie1.com 3 redirects
3 dm-us.hybrid.ai 3 redirects
3 sync.smartadserver.com 3 redirects
3 cm-supply-web.gammaplatform.com us-u.openx.net
3 ssl.connextra.com www.dailymail.co.uk
ssl.connextra.com
3 tr.blismedia.com us-u.openx.net
3 openx.adhaven.com 3 redirects
3 openx-ums.acuityplatform.com 3 redirects
3 m.fg8dgt.com 3 redirects
3 match.bnmla.com 3 redirects
3 cm.adgrx.com 3 redirects
3 bid.g.doubleclick.net imasdk.googleapis.com
3 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
eb2.3lift.com
3 loadm.exelator.com 3 redirects
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 ap.lijit.com 2 redirects s.amazon-adsystem.com
3 cdn.districtm.io 1 redirects s.amazon-adsystem.com
cdn.districtm.io
3 us-vid-events.taboola.com www.dailymail.co.uk
vidstat.taboola.com
3 aud.pubmatic.com www.dailymail.co.uk
3 as-sec.casalemedia.com js-sec.indexww.com
www.dailymail.co.uk
3 beacon.krxd.net crb.kargo.com
de.tynt.com
www.dailymail.co.uk
3 d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 video.dailymail.co.uk www.dailymail.co.uk
3 fff.dailymail.co.uk www.dailymail.co.uk
3 mb.moatads.com z.moatads.com
3 ad.doubleclick.net www.dailymail.co.uk
playtime.tubemogul.com
www.googletagservices.com
2 an.yandex.ru 1 redirects
2 ads.avct.cloud 2 redirects
2 prebid-match.dotomi.com 2 redirects
2 cm.mgid.com 1 redirects
2 www.tns-counter.ru 1 redirects
2 pixel-eu.rubiconproject.com 2 redirects
2 x01.aidata.io 2 redirects
2 sync3.adsniper.ru 2 redirects
2 tubemogul-sync.dotomi.com 1 redirects www.dailymail.co.uk
2 d.agkn.com www.dailymail.co.uk
2 ib.mookie1.com 1 redirects
2 global.ib-ibi.com 2 redirects
2 ps.eyeota.net 1 redirects www.dailymail.co.uk
2 thrtle.com 1 redirects www.dailymail.co.uk
2 sasinator.realestate.com.au 1 redirects eb2.3lift.com
2 sportradarserving.com 2 redirects
2 triplelift-match.dotomi.com 2 redirects
2 vid-io-cle.springserve.com vpaid.springserve.com
2 uat-net.technoratimedia.com vpaid.springserve.com
2 tags.srv.stackadapt.com creative.stackadapt.com
2 vpaid.springserve.com reflex.imds-cdn.com
2 adservices.brandcdn.com ads.brandcdn.com
adservices.brandcdn.com
2 evm2.stackadapt.com googleads.g.doubleclick.net
2 vid.springserve.com reflex.imds-cdn.com
2 trace.mediago.io windaloop.com
2 i.clean.gg acdn.adnxs-simple.com
2 contango-cdn.technoratimedia.com reflex.imds-cdn.com
2 io.narrative.io 1 redirects www.dailymail.co.uk
2 match.adsby.bidtheatre.com 2 redirects
2 ads.playground.xyz 2 redirects
2 sync.resetdigital.co 2 redirects
2 core.iprom.net ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 gocm.c.appier.net 2 redirects
2 mweb.ck.inmobi.com 2 redirects
2 ssum.casalemedia.com srcdoc
2 playtime.tubemogul.com imasdk.googleapis.com
playtime.tubemogul.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 i.w55c.net 2 redirects
2 casale-match.dotomi.com 2 redirects
2 map.go.affec.tv 1 redirects de.tynt.com
2 event.clientgear.com 1 redirects crb.kargo.com
2 c.bing.com eb2.3lift.com
ads.us.criteo.com
widget.va.us.criteo.com
2 ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 ums.acuityplatform.com 2 redirects
2 rtb-csync.smartadserver.com 1 redirects ads.us.criteo.com
widget.va.us.criteo.com
www.dailymail.co.uk
2 8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 r3---sn-ab5l6nzd.c.2mdn.net www.dailymail.co.uk
2 www.storygize.net 2 redirects
2 nep.advangelists.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 ch-match.taboola.com vidstat.taboola.com
2 us-match.taboola.com vidstat.taboola.com
2 rta2.newzit.com scripts.dailymail.co.uk
2 15.taboola.com cdn.taboola.com
2 usermatch.krxd.net 2 redirects
2 pippio.com 2 redirects
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.dailymail.co.uk
2 id.sharedid.org securepubads.g.doubleclick.net
www.dailymail.co.uk
2 krk.kargo.com www.dailymail.co.uk
2 klkstrm.kargo.com storage.cloud.kargo.com
2 context.iris.tv ovp.iris.tv
2 geo.moatads.com z.moatads.com
2 www.facebook.com www.dailymail.co.uk
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 storage.cloud.kargo.com www.dailymail.co.uk
storage.cloud.kargo.com
2 protect-us.mimecast.com 2 redirects
1 sync.springserve.com 1 redirects
1 t.adx.opera.com
1 image8.pubmatic.com onetag-sys.com
1 ssbsync-global.smartadserver.com onetag-sys.com
1 dmp.adform.net 1 redirects
1 playtime-tm.everesttech.net
1 rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
1 post.update.rubiconproject.com
1 beacon-iad2.rubiconproject.com
1 173bf10e.akstat.io s.go-mpulse.net
1 eybp7saaaiaqijqacqnqaeyaabrditin-pnblkx-889d4ed95-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 mae7skvygojjeyrujuhq-pnblkx-aa4ddf5f7-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 sync3.sniperlog.ru
1 moveinc.demdex.net www.dailymail.co.uk
1 cm.t.tailtarget.com www.dailymail.co.uk
1 partners.tremorhub.com www.dailymail.co.uk
1 analytics.twitter.com www.dailymail.co.uk
1 cms.analytics.yahoo.com 1 redirects
1 uipus.semasio.net 1 redirects
1 5d0b6.v.fwmrm.net www.dailymail.co.uk
1 cdn.navdmp.com www.dailymail.co.uk
1 navdmp.com 1 redirects
1 mwzeom.zeotap.com www.dailymail.co.uk
1 bpi.rtactivate.com www.dailymail.co.uk
1 mid.rkdms.com www.dailymail.co.uk
1 cw.addthis.com www.dailymail.co.uk
1 sync.teads.tv www.dailymail.co.uk
1 s.thebrighttag.com www.dailymail.co.uk
1 tapestry.tapad.com www.dailymail.co.uk
1 idsync.reson8.com 1 redirects
1 sync-jp.im-apps.net www.dailymail.co.uk
1 east.srv.stackadapt.com googleads.g.doubleclick.net
1 sync.hgrtb.com 1 redirects
1 r5---sn-ab5l6nzr.c.2mdn.net www.dailymail.co.uk
1 cache.betweendigital.com ads.betweendigital.com
1 px.adhigh.net ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 srv.stackadapt.com googleads.g.doubleclick.net
1 ad-resources.brandcdn.com ads.brandcdn.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 crcdn01.adnxs-simple.com hb.adpone.com
1 vae-bid.adsrvr.org ib.3lift.com
1 choices.truste.com ib.3lift.com
1 ads.brandcdn.com www.dailymail.co.uk
1 spl.zeotap.com www.dailymail.co.uk
1 d2cli4kgl5uxre.cloudfront.net hb.adpone.com
1 cdn.mediago.io hb.adpone.com
1 acdn.adnxs-simple.com hb.adpone.com
1 s3-eu-west-1.amazonaws.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com www.dailymail.co.uk
1 ad4m.at ssum.casalemedia.com
1 r.bidswitch.net 1 redirects
1 d.adroll.com 1 redirects
1 538e59019275b34e753138c74e138fba.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 6f34471c3a779622f9cd63d182eff7ca.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 inv-nets.admixer.net 1 redirects
1 s.cpx.to us-u.openx.net
1 oxp.mxptint.net 1 redirects
1 contextual.media.net us-u.openx.net
ads.us.criteo.com
widget.va.us.criteo.com
1 dp1.33across.com 1 redirects
1 cms-xch.33across.com 1 redirects
1 d16c6244c2ad75e061f5544670defd81.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 idr.cdnwidget.com www.dailymail.co.uk
1 cm.smadex.com 1 redirects
1 asf-tm.everesttech.net imasdk.googleapis.com
1 s.tribalfusion.com ads.pubmatic.com
1 cds.taboola.com cdn.taboola.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 pips.taboola.com cdn.taboola.com
1 api.bounceexchange.com assets.bounceexchange.com
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 ads.yahoo.com eus.rubiconproject.com
ads.us.criteo.com
widget.va.us.criteo.com
www.dailymail.co.uk
1 tg.socdm.com 1 redirects
1 hde.tynt.com rtb.gumgum.com
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 tag.bounceexchange.com assets.bounceexchange.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 usr.undertone.com 1 redirects
1 sync.inmobi.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 ch-vid-events.taboola.com www.dailymail.co.uk
1 imprchmp.taboola.com vidstat.taboola.com
1 wf.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 oajs.openx.net oa.openxcdn.net
1 secure.cdn.fastclick.net www.dailymail.co.uk
1 googlesync.permutive.com www.dailymail.co.uk
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 a.teads.tv www.dailymail.co.uk
1 hb-api.omnitagjs.com www.dailymail.co.uk
1 cdn.permutive.com 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
1 c.go-mpulse.net s.go-mpulse.net
1 cdn.jsdelivr.net www.dailymail.co.uk
1 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app www.dailymail.co.uk
1 api.btloader.com btloader.com
1 rules.quantcount.com secure.quantserve.com
1 ad-delivery.net www.dailymail.co.uk
1 stats.g.doubleclick.net www.dailymail.co.uk
1 connect.facebook.net www.dailymail.co.uk
1 secured.dailymail.co.uk www.dailymail.co.uk
1 ovp.iris.tv www.dailymail.co.uk
1 secure.quantserve.com www.dailymail.co.uk
1 btloader.com www.dailymail.co.uk
1 euasync01.admantx.com www.dailymail.co.uk
1 s.go-mpulse.net www.dailymail.co.uk
0 sy.eu.angsrvr.com Failed www.dailymail.co.uk
0 msec.xp1.ru4.com Failed www.dailymail.co.uk
0 sp.adbrn.com Failed www.dailymail.co.uk
0 cs.vdopia.com Failed www.dailymail.co.uk
0 adtag.primetime.adobe.com Failed www.dailymail.co.uk
0 public-prod-dspcookiematching.dmxleo.com Failed ads.us.criteo.com
widget.va.us.criteo.com
0 sp.analytics.yahoo.com Failed ads.us.criteo.com
widget.va.us.criteo.com
0 sync-criteo.ads.yieldmo.com Failed ads.us.criteo.com
widget.va.us.criteo.com
0 exchange.mediavine.com Failed ads.us.criteo.com
widget.va.us.criteo.com
0 matching.ivitrack.com Failed ads.us.criteo.com
widget.va.us.criteo.com
0 visitor.omnitagjs.com Failed ads.us.criteo.com
widget.va.us.criteo.com
0 criteo-sync.teads.tv Failed ads.us.criteo.com
widget.va.us.criteo.com
0 r.casalemedia.com Failed ads.us.criteo.com
widget.va.us.criteo.com
2832 421
Subject Issuer Validity Valid
*.dailymail.co.uk
DigiCert SHA2 Secure Server CA		 2021-12-25 -
2023-01-03		 a year crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2021-06-08 -
2022-06-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.dotmetrics.net
Amazon		 2021-10-24 -
2022-11-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
dmgprivacyint.co.uk
R3		 2022-01-14 -
2022-04-14		 3 months crt.sh
secured.dailymail.co.uk
DigiCert SHA2 Secure Server CA		 2022-02-25 -
2022-11-15		 9 months crt.sh

SSL.com RSA SSL subCA		 2021-04-26 -
2022-05-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-05 -
2022-09-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
kargo.com
R3		 2022-03-02 -
2022-05-31		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
iris.tv
Amazon		 2021-09-12 -
2022-10-11		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-25 -
2022-03-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-02-23 -
2022-05-24		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2022-03-17 -
2022-06-15		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
api.permutive.com
R3		 2022-02-18 -
2022-05-19		 3 months crt.sh
newzit.com
R3		 2022-01-14 -
2022-04-14		 3 months crt.sh
*.app.kargo.com
Amazon		 2022-01-06 -
2023-02-03		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-02-17 -
2022-05-18		 3 months crt.sh
cdn.id5-sync.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2022-02-16 -
2022-05-17		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.bfmio.com
Amazon		 2021-05-16 -
2022-06-14		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
tag.bounceexchange.com
R3		 2022-01-22 -
2022-04-22		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.cdnbasket.net
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-09-27		 a year crt.sh
*.wunderkind.co
R3		 2022-02-14 -
2022-05-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
cdn.includemodal.com
R3		 2022-02-28 -
2022-05-29		 3 months crt.sh
ws-na.assoc-amazon.com
Amazon		 2022-01-17 -
2023-01-16		 a year crt.sh
ids.cdnwidget.com
R3		 2022-02-12 -
2022-05-13		 3 months crt.sh
*.analyticssystems.net
E1		 2022-02-05 -
2022-05-06		 3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon		 2021-09-13 -
2022-09-12		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-03-08 -
2022-05-17		 2 months crt.sh
fls-na.amazon-adsystem.com
Amazon		 2021-10-07 -
2022-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
idr.cdnwidget.com
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
cms-xch-chicago.33across.com
GTS CA 1D4		 2022-02-04 -
2022-05-05		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-02-20 -
2022-05-21		 3 months crt.sh
loopme.me
R3		 2022-02-25 -
2022-05-26		 3 months crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.tubemogul.com
DigiCert SHA2 Secure Server CA		 2020-04-07 -
2022-05-19		 2 years crt.sh
windaloop.com
Amazon		 2021-11-22 -
2022-12-21		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.imds-cdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-22		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2021-12-17 -
2022-12-07		 a year crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-18 -
2022-06-16		 3 months crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-15 -
2022-04-16		 3 months crt.sh
*.mediago.io
Amazon		 2021-10-07 -
2022-11-05		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.connextra.com
DigiCert SHA2 Secure Server CA		 2021-07-04 -
2022-07-13		 a year crt.sh
ssp.behave.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-22		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.brandcdn.com
Amazon		 2021-10-01 -
2022-10-30		 a year crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.technoratimedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-16 -
2022-10-05		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-02-14 -
2022-05-15		 3 months crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-06 -
2022-05-04		 3 months crt.sh
*.springserve.com
Amazon		 2021-09-27 -
2022-10-26		 a year crt.sh
*.stackadapt.com
Amazon		 2021-06-22 -
2022-07-21		 a year crt.sh
tracking.justpremium.com
Amazon		 2022-02-25 -
2023-03-26		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-02-12		 a year crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
ltmse.com
R3		 2022-03-03 -
2022-06-01		 3 months crt.sh
*.gammaplatform.com
Go Daddy Secure Certificate Authority - G2		 2021-09-24 -
2022-08-14		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-24 -
2023-02-24		 a year crt.sh
*.betstream.betgenius.com
DigiCert SHA2 Secure Server CA		 2021-10-10 -
2022-10-11		 a year crt.sh
*.srv.stackadapt.com
Amazon		 2021-11-09 -
2022-12-07		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-01-30 -
2022-12-31		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.im-apps.net
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
signal.co
Entrust Certification Authority - L1K		 2022-02-24 -
2023-02-24		 a year crt.sh
*.360yield.com
Amazon		 2021-09-15 -
2022-10-14		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.rkdms.com
Entrust Certification Authority - L1K		 2021-10-04 -
2022-10-30		 a year crt.sh
rtactivate.com
Amazon		 2021-05-13 -
2022-06-11		 a year crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-02 -
2023-04-01		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.liadm.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
update.rubiconproject.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.tmogul.com
DigiCert SHA2 Secure Server CA		 2020-07-14 -
2022-07-19		 2 years crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-12-21 -
2022-06-15		 6 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh

This page contains 385 frames:

Primary Page: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Frame ID: 8A038259BFF4EEB457CC30456881D042
Requests: 501 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: E034E4089355FF6DF0EEB3A7D6FF9B2D
Requests: 1 HTTP requests in this frame

Frame: https://www.newzit.com/setABframe.html
Frame ID: F97472AA856CAF3876C339657AA8185E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: DA69587E15563BF5DE27F3D0767E29F6
Requests: 1 HTTP requests in this frame

Frame: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/html/iframe.html?mol.ads.cmp.log.level=off&mol.geo.country=US&mol.geo.region=IL&mol.ads.cmp.channel=news
Frame ID: B268B0E03482891025B1A7E5C1EA65A8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E1A416E915FC348DF7E10B4B6C58ED98
Requests: 1 HTTP requests in this frame

Frame: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E80518581B80B29D20001C63FA136147
Requests: 1 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsync/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Frame ID: 5AB02779AA2254546261E0115266AB81
Requests: 7 HTTP requests in this frame

Frame: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7029536B450B0C4E43AB98289C1491F4
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.casalemedia.com/um/cookieSync.html
Frame ID: 6AE2751C8A2531524086B0B235A9782B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.dailymail.co.uk
Frame ID: 554B3864DA8C9A3133390A97A82B3D66
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_bf_rx_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Frame ID: CEE35E97D5DD7937692968B7A0C5D7C9
Requests: 1 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7981227&crid=4706965&dast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&cmcv=&pix=undefined&cb=1647594750305&uv=3143&tms=1647594750305&abt=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=669F32FC39106363362955637066&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E7573DD5224D45F88DD97A70B99351EF
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 8ED56C15551F4E6B93F9AA4A178231B0
Requests: 1 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7981227&crid=4800235&dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&cmcv=&pix=undefined&cb=1647594750319&uv=3143&tms=1647594750319&abt=adh5c-1_vA!eidc_vA!ftp1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=572DCA2CF73508326605402888&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 4AB4D742F42371E04FFFC7D7273E1C78
Requests: 6 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 68B7223D5A51B2227E8A40405A7CB519
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 17F5FB50664DFB32955272D9CA38A276
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 97D5358C01FF1DD61FB22A283CC2AB0B
Requests: 5 HTTP requests in this frame

Frame: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Frame ID: 65BCA32DC7CBBA887DEA853CB20B5DA8
Requests: 5 HTTP requests in this frame

Frame: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Frame ID: EEE276F293BC0E1D8BE22AE3F75B94B2
Requests: 5 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/iframebuster.js?bx_tracker=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstq4NgGvM0qc3UraS6PfxMESVRVvP27WcuU5gMwq_Z-x5OdL-3dWWZacQIDXy-pLnPWSKMGCRnJr3RbG8qfG9CDz8Deb25V30dlhhLg__wA4ZNJRE1ai8SsaRWichPKkHPyGWWLOGIdUSAaiiJivs1iz1WT_WDZYyJT4WclY9jMeUW7FWKMOIdzlLZATZLiw3ntdmVJdgmDHqK3_N6ve3F-lbpB-O-wyXxHafZVtRXYNBlf8PiU97xfMSxck9KP96xB2H1q1lGylu1XN-gWI26P4avgNJsKFIrAdvQOjzT-bniOEWqkyLpMoidwEBw3eJyFK6T8iMne4W6TIoxiTLD5_duVP1jZu0lOVg%26sig%3DCg0ArKJSzAq3ENYmXBmiEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D
Frame ID: 6E3FE3B731D8CFE9196649E4829585AE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: E733CDC1C3DE9AE8AA09C3594D0E0C54
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: B8DD25C147D882EF50AB3FB2E7020930
Requests: 10 HTTP requests in this frame

Frame: https://sync.bfmio.com/syncb?pid=137
Frame ID: 1D45CE4552FA6C6025198E6E32B4F4F4
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=districtm
Frame ID: 0EA56B4BD9CF2140D3BDA31C48DE9825
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8297679604156303488&gdpr=0&gdpr_consent=
Frame ID: 534E61D6685E2A6ED06D3026287666F0
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbf6_kKU0-QMAVGcRAAAAAAA&expiration=1647681150&is_secure=true
Frame ID: 6C9CA9E16358AB69B398C6FFC518A02F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOzYnxtgS0gmtmBm_sZL1Y_x6vUXPfNI1IrGt9ng
Frame ID: E2F93ABA6B24C892216552B92AC6BD78
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3142368608644553920
Frame ID: EAD8E5776A3D17173D4B7B36B1E26CC9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: 5A99B3782C7E5CC20F4CFB5CA5B36C69
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=4c54f48e0b62419f8f97f771c71e8375
Frame ID: 763420C7B51BBB561C52A3930A33D48A
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 72A619C93799B9EBC7921EAE25810AD5
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: B6452E29B24F03063D22197FEDEA8034
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: B104449C4B51A8FD933EC4662791A2E1
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: F30DB2ECD27B2F01FCC4E4537DD25CFA
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wYWNJd1ZoRTJ1TDF3aDdsLnpBZWNMQ0xrYy5yNjNqSn5B
Frame ID: 90B6BFD73ACAEB90C65C6A3187280CAE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=appnexus.com
Frame ID: 1CCD0292AE573692B1E2E6196793E87C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 6F24F99AAC99626705A63A0AAFFFD238
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2230631680262455077259
Frame ID: A1DB78DC7BD5DC79B24F572EFFB17693
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 8F33F8CB0E3AC2837FF43F98ED11F1E8
Requests: 11 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=&gdpr_consent=
Frame ID: D4DB1B62EAE37E82D1B9F208A9752B6C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YjRM-gAN66WnSAAy&gdpr=&gdpr_consent=
Frame ID: E0B3132571E5159975C97B89EE3AB4F8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81NWUzZWYwMS05MDdiLTRlODEtODdjMi1mNDQzYjcyNGYyMGI=&gdpr=&gdpr_consent=
Frame ID: 01A793A7C1B077E9BF80DCB785E73C8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 464632539927D41B1698EF093B3F6CA9
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Frame ID: 3AFCFF1E69D6B2DC8273B890C88B917D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=f67a371d-f285-4ca2-be6f-f2af79502cb4&t=1650186750
Frame ID: 171490FD4FD8632B474D7DA152EB1EC9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B93921C374ECFB5732FE46D741613507
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=6359460436251910749brt57461647594750670190ab
Frame ID: 8DB95D48DAD060AB663497517E137D18
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YjRM-8Co8XgAAKuqQKkAAAAA
Frame ID: 284EB599D69FB6E291124CFD6D4C8B55
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=5sXF81LhMv9MWGJQujci&pi=gumgum&tc=1
Frame ID: 39C9C3B80D0870A9AAE5A721F56311E4
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: E321D44BAF6F8E28DEA1F7CF881E2850
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: 7FFB0606FECAFC677449E7C7F1A3AEEE
Requests: 17 HTTP requests in this frame

Frame: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Frame ID: 958F716121819D980F3B502103665A69
Requests: 5 HTTP requests in this frame

Frame: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 41F79F66826FD7087E5760729CEB3870
Requests: 39 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 3B03F4D33C48D77DD8D0359B1211ECF1
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: 0B82E5597A49DD80F7CE00BB65A19B85
Requests: 33 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7B2517E8792C17BAD846BBDCA6E97D10
Requests: 1 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 23471BAD428C1676225583306A15F581
Requests: 24 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 9768C534C0B317E82F7550B0DEAD54B9
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: CCF333055B8DE0928CDE25ACD7358E15
Requests: 3 HTTP requests in this frame

Frame: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 525E3C7A488A944DBBCB84B3AB3F53B4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: EA9C931787FBAA5E3F074B1A17093546
Requests: 24 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B93E2E12-AA9E-4220-8310-B08598FC53B9
Frame ID: 4EE0B1AB23E0F291815EA64B5B84A9ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Frame ID: 9150C923F452C739BA7040C2A15524B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Frame ID: 251D06D602930EAE3BB6D937EB58DA39
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGn007EaJoAAAyap1piaQ
Frame ID: 439B9A3F75C84F86112AE3FACBA7E9FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B10E97398F691C10267B45A774183ADD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_174ff51fcf874097873f0
Frame ID: 8F709AF223B517C9AFDDA7E8A402AC21
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IXpJUf0fTLpw23126tpzuWAJ-So
Frame ID: 366CA6C13CCDA43AD1B5E1390C39E415
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B93E2E12-AA9E-4220-8310-B08598FC53B9
Frame ID: 3C69ADFBD08F97AC76EE6AF659B07E9C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8af7dc84-a69b-11ec-9692-13cc52d00862
Frame ID: 027EFD66E700D87B8DB0F9C3499C2541
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2ADD0468DBE5F7D0DABA27E24F949382
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mXDI4agD1Nv8EU5&gdpr=0&gdpr_consent=
Frame ID: 7057D5B0B826F2D2DE6D89C05F001DC8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=656893234070
Frame ID: 15E7B756B21EFD03C0C4A582F0AD3F50
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=dda93a40-6aab-4712-aa91-e6ce437f8a4e
Frame ID: 4877E9ED04DAF9F31CEE4858B653BA51
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Frame ID: 1F65F817D19F04D4CA79B0496E2E735D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7008811521702904394
Frame ID: F25BA9969BF337E2D5F73FBF65795EC6
Requests: 1 HTTP requests in this frame

Frame: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5E16F1FA647ECCA973E66C9F14DB4A84
Requests: 1 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 59200FC449494246175B02D1D25FD47A
Requests: 27 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: A90004352DAC27B086AAFD1D9BB074D0
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 700D66DD32FA5D151B52A004BC9B1F24
Requests: 11 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=1&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 067629303E5DA96200E676522E0895BC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Frame ID: 21738BB0CB5F1CCD61D6F138EA368A3C
Requests: 10 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=0&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: ACB5B7D821A4C58160C998C68FF6AD41
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3ABFB4F5ED37F0F43B3472BD565E8AD5
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Frame ID: C85C20EFB64D3BECA57E830ABFC192F8
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Frame ID: BE263A7629F53B25532C7C2A222CD904
Requests: 10 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=2&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 5E1F7BD9E82A540E72F0A4BA1D0C7815
Requests: 2 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=3&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 1C2529D13AF3C939B5B2547BEDA791F9
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 03000D1AB5A2866E49525F780AFC362D
Requests: 1 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=4&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: F2A7F66137A81E9D02CEB6FAC9B1BD9F
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 8FAB923D75214910E36F537D588B16F0
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9A7D44B581FE63B66C4C99971F8F1AD0
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BCA1A02A943FC393A0B41FA21609F2BF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FCEE575800FCC14C4992DE3FD6599C30
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Frame ID: F2A321FC921561E2B8A292FB42815F4D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2D8A1514257F5F912FF858B5719AD6DC
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 293F707FDD48063B16CAA8C319C2CABF
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C80FB3FAAC7924D65C47B5901A9E26A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3AD7C071F0406E7803209C37E0635B3C
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Frame ID: B45332A48D5303E83C0F3C6748DC6F86
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Frame ID: AEAE6F29EDA93A4D12B96869CA07EB27
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 7B82B8CFACF26652436E9D93271A5DB3
Requests: 6 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DC25B42BD7EEFE433EEA74D7A8B46D65
Requests: 7 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Frame ID: E2B8F97F86A938B7C5500D9B65F89533
Requests: 6 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 93D9CE08265BDB4A6C32790909D509B3
Requests: 7 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 42D7DC31D5E2892B0CE86BEC3A3CEEF5
Requests: 6 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Frame ID: B6184C8CE78E8516C7A7B74FE3FE88DE
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 683DE8E5D6F150EC74255600D2D9CF9A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E0635E03C7483FA1A7EE418CD70DA325
Requests: 1 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: B464C1E4DF032DBC403FD3BDCE83BCFD
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.casalemedia.com/um/cookieSync.html
Frame ID: 2AC6741F4896687DC0D084EF4B2C49E2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 3FD01112E84104FAEE9D5FCB49BE8094
Requests: 28 HTTP requests in this frame

Frame: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 95B65AC37BB178DD94428362E6B1A802
Requests: 18 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: D60F1EBB008A2E4118BBA0F814C33FA7
Requests: 23 HTTP requests in this frame

Frame: https://d16c6244c2ad75e061f5544670defd81.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2A9701531B69C89E5295CEFF5F02AE5D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A4C23F39AE5B8BF314DA482E5E75D8EB
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8331ED5CEF86510DC994538F1E269144
Requests: 10 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 603005374F284A3FB087FC7D91C1A0F2
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 94C39152FC830D3FC8C15BCE574EEB3A
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 3CC1DD587099202D0B785448A1CEFD92
Requests: 81 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: E0C22858CD67D8411C11736424F69BCD
Requests: 12 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: B2705FEA8C577F271E5CFC09DC7C9ACB
Requests: 12 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: C58C495466EA8C87EAE964B06429ADA4
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DC18446880173CD62A9FA9429EFB5162
Requests: 9 HTTP requests in this frame

Frame: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BA57ECF59ADF4347ABEEAD4DD78F87E1
Requests: 18 HTTP requests in this frame

Frame: https://js-sec.casalemedia.com/um/cookieSync.html
Frame ID: 1ADCD0DFA1003723153FD5F763D87AD0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 9755DD4CC54E0E0AE1495AA9046DB12B
Requests: 12 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: A42663FCE7514EB7E5C1A0FB1EB046DD
Requests: 2 HTTP requests in this frame

Frame: https://6f34471c3a779622f9cd63d182eff7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1AD7926C7CC723A685E2998200EE5588
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=1922&pub_id=2039057
Frame ID: 24B40BD88AB3D486CD048A2FC55597C7
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.casalemedia.com/um/cookieSync.html
Frame ID: 1856BAD199E5BB40BF99810EC8C343FC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F040F1A895EC6746A8C86F9E454E8103
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6FE0A5C5D9F9CFE670C1FA36D4C26C33
Requests: 2 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 630765C683A2C5B9C9B795C23F4FD709
Requests: 12 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: ED83589AA6AEFBE8D3EE60CA1E71935B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6D37643711D6300B988CA45F925D8C29
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4941149B2BC7EC70382898CAFC7817B6
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: E643578F69FC655F2426BC6A8983F568
Requests: 8 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=xfiyobfi&e=1556073704375
Frame ID: D1BD33AA19A6F25E9AF811FE625D53E2
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=tummowyqmc&e=1556073704375
Frame ID: EFBF17BCC8FC8D527D06E0E390656043
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=fnsegoyqoh&e=1556073704375
Frame ID: 9B08A003D818BE4EDF5A2EB2483152C2
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=ctkglnf&e=1556073704375
Frame ID: E82CFFB1C2349201CC9CE9447E842A45
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=ydwnmumrxe&e=1556073704375
Frame ID: 8682D28A7BA62F17D651B78555032ADD
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=uijfnrjjdk&e=1556073704375
Frame ID: 3C24FF3D58A81FD465C1958903E58F1A
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=iujttgih&e=1556073704375
Frame ID: D6D9A339ED1EDD500A5121B7A5E54505
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=cudywlknjo&e=1556073704375
Frame ID: 72664488A2D60D8B03AC26278930C26E
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=cmmelq&e=1556073704375
Frame ID: EF0D5E394F9625D9BA97440E4F6C2FE3
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=meemooeee&e=1556073704375
Frame ID: D683FC1913DAB6575902D74AF972665C
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=oencvor&e=1556073704375
Frame ID: 287C4BFE2BFF04E87CB4A9A52C775F66
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=xwxbhdhfo&e=1556073704375
Frame ID: 5BE97842E2C88A5DE48F391F96C2F5EC
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=tvbayjx&e=1556073704375
Frame ID: C08C187F94C034D327C0B4A8FCB2EAAC
Requests: 12 HTTP requests in this frame

Frame: https://windaloop.com/r/p.html?f=vblctxybyam&e=1556073704375
Frame ID: 6AFA2089AF5E3B8FCD9445A673D86A5A
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86C86D3FCFC9A82C0FF6A9A09737EABE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58B013A1592E0D93870326B9D4147C23
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.casalemedia.com/um/cookieSync.html
Frame ID: 654F12A527FA7FE3B501C3A3ACB75C1F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77AF4E554D2E0B3731D3CC0D2BFF9F2A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 706BD966F3DA62FF8999E5F84FCF71E3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: B4CFC61FC7054C914D741591BBB6D2F1
Requests: 16 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Frame ID: 8472A56B1767A3B288DE2615E6CC6B64
Requests: 3 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
Frame ID: F83232D9B34B9C40A319263388468F28
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 19FF1A82DB88EB00515F9EDD179B4F8C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: AA1B3CA4D073492031ACCE572C64CAD2
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 37B9DF02FF6E5808D573C746BCFD4806
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Frame ID: 2831305CFC3D9159877A09C35981A5F0
Requests: 7 HTTP requests in this frame

Frame: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Frame ID: 87A6DC7D51A469A4593080D77D059053
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 478EAA40CAD8E33A20180DE5A0244496
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 240B7EEFF807EAA88E35473C60129DA6
Requests: 2 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 0B4AB5DA8D77EC31D57C86F7DEE980E1
Requests: 7 HTTP requests in this frame

Frame: https://538e59019275b34e753138c74e138fba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 44FB3494C52F0444EF261EC95696D422
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Frame ID: 188BDD3C2C7E82BD1F0080191DDA52B1
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Frame ID: FC7BA5EA465057CB82BB67EC7CC97634
Requests: 4 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: F69D7C4429070D78B65624BFD495037A
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsXwd6hiteC-tJ2_dtVHR7XM8437MSDPJJmwxdzhPqhtNckeUGF7iHovZ-LCR8VurC0U9zNAV_cDE01LI5R8xwMxYWX6UdrckP9vBZJSWoet-2HFTys-pUlHpB1-ecd5XIW2UYm3hHmi9rwpuf98o85O5ep6snWgSkVZqHIFXAy_yF60KnQYjBTGwrU1L0YrtgRnB0hhZJCkspEcSeipfIjN7ZF-cMh1G--h3hSCsIjokLv9hpgM0YOxdp3KtFZh__G7davCz2yiH9riJjnFmMALcf9HelvAxhEGNo2jMCkfas97lwEsQy-2YNvhecQTGYVDq1kz5T3w&sig=Cg0ArKJSzM33C1klcuM5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A92B8D80F1DB23C7115C1555CC091F35
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: A05C11ABA490BFC44161EC8EC920D438
Requests: 2 HTTP requests in this frame

Frame: https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Frame ID: 364445FC0A9BEA65DDC46FEAA8B22BA4
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: 8635789BAE842BB6D877EA6CFD22B23A
Requests: 15 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Frame ID: 45A55345A71CCE65E18FE29D3A611DE6
Requests: 25 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=5bckxl9Yc0JqbWJzc2Z2UUZRUU5EdkVPd01nNzBnN1NBOFhqVm1SMkw3SWlhazBsZWElMkZqWDRCWTNHJTJCZEFqYWdCMUttVnNBTzdkWlVLYWNyUVhvSUxLWGduMFBSdzZNYzB5c3dEbXVtM3lacllLYm9RZUt1cFNzM21wcFlsVjhQZCUyQnklMkZTJTJCZXhMM2FyenlWZyUyRnhPTzJ0V2pZU0ElMkZMZkl0Zm4waGZSJTJCeiUyQkRJbXM0Y3JCUDVSRUdsTk9tdjdQb0V3aWRvN3VZZ3VMYkdPRjhTUDhJcXY3NDhjeFM0QUVWV0NJaiUyRnZHWFQxUUwlMkZTRERPMUdmN2FEVW5nWE5iUTl6eU90dE9ta044WEtONCUyQnUlMkZUSTVtc250enFRUXg3eWdFWDdSbjZpVU1uME5JZ2RXWTI1U2cwM1pFdklMSG1CY2N5TDBUQjZQVUtDSmFUUWdPOHIzTmdYTkRjQlZpR09wRVM3TzhYUnpjRjBya0M5STQ2SWNrd2FuZks4dkl0RU5FaVNFNFI5MiUyRjFUaEJsMGxXRkdsNkIlMkJxa2NXNFNiJTJGJTJGQUxYJTJCcHJzQjBUNGVxcnp0cGhWTGZRMk5RaG1BVTBYRjdYaWY5a2RFUTZQVG1OWllvRGlkZWl0a0F5TW1LWlJURUJoZGpDYnUzeFBNSzBtUWYxTSUzRA
Frame ID: F7840B90A9D01A270AEBCAFFCD0A13D5
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Frame ID: 45C371491F23ED3D382902EC00D6B59F
Requests: 27 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=mNmLIF9samJQQ2RIbG9CakN6VXdVQzRsaTQ1Z0d3TUp5a2NTbFElMkZxU3g5eVpFTnpSeUF0ckJsd2JBN0FES3ZEQjJmTmdlOW1Ya1FlRUNySjNpcDZzSDVKc05vRGJ1Sm1iTngxVVdhdUVwblZ0aHhzOWk4UW9WZ1ZqWmlWaDNHQ3R6dDJRU2dCMWtGdWsxUktWQ2VKWnFuRWlyN0lzMVZOdlJ0cEs1akJpcG10MzZLT3p5RUl6OE1OdWR1QldnSzFnQzVKMlFNYlhTbXp3MXk0UktUeFFGbjFwdHI0ZE9iTFFQT3dTVWw1VGZKRzJKbVJXWFRFNmZWR2p6NHZKdWZ2eWJheHZHZGt3WU1DUUc0JTJCOVJWMEI3bzFwdm5jV2tDaHA1SFhFZjkxWWRQU2FQZkFXWUglMkJwRHA4bXBCNHdKREtEREY1JTJGN2pZdjFzNHU2YjRpMXlFaXlNbzl1c1lEUklqalpJTlY4aG1CU2JDejlTaHY4UXNTTHVBNGU1Mng0OUw2QSUyQlJsdnAyRVRtQnFuQ3RUJTJGWmR3d0JnUkpKdkR3aWVWZTNFNXFxZiUyRjBHTFNqNkNwQWNwM2JuVFhWNUclMkYwSlFqaFU5SmNhcUlHb3NnS2ZPd2NJWGhYY0pZYUxQaVBxNTYlMkJqTDdSd2d4STRiZkRKVSUzRA
Frame ID: DFF67A9E6741EF84B6AFF28FB023784D
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Frame ID: 42DB348B68040535C2EB1F0FDB0A5699
Requests: 26 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=27zkf19QNU9WWiUyRkZ4cXFjakJ1TkJzTkF2cThpZjR4dmdFTmt0NW9WYWwwS25hOVVJZ084N0ZOc0tKcGxSUDQ3eWtrTGpjT3ZlTzd5cm43OEY3JTJCaVVmNGxWbUNReE9QRjdYOE5NQjFkTlhLZ0JMWG16a1Z3ZWNvY0F1TUNOVWlYcEVOTW1DbkFsMG44dnI4NjRTbEo0d1dWcGFhdHUxZlRydUNSYm5vSW5vUGFXVlltWmlJaG43UU5HdFhETG5wbnlqNHRBd1c0YkdmMDV1JTJCQWdUeXZSQ0c5ZllDWjlEckFYJTJGVk54WU1KTzZDQ3JpNVd3SHBZMVJwSHU0czZqZGc1UG9rdkFHQTRhektuTENPYUpqNlhHUjBOY1d3NWdsTmdVVDZYb2psNUQwRzhqWEhENmI3OGh6RUFKQmxpVTRCM0FZREI5NVlWbUtMJTJCZmxlQ0NsOVFyaUhQS3lEaEpscjA4QXJJanUxaE16RE5tVU9pWE1CSmFqaG50WlRyUzZyN00lMkZpSEZzVkNxajhBZ04xc005ZzFWa3FwaVMybGJKcnMyTHFPcWdKbDNxc09hZHlvajBuU0tUaGlVSG1Ba3pNS2EyUyUyQmZMTFIlMkZiRHp6JTJGTFhldlNlN012cXNjR2ZYTGRlQmdMQ0xFUGhPaUJPUlJxbyUzRA
Frame ID: 0C235E77B5B8946643A887AE7A35BA2B
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Frame ID: C95DCD9E615D038A09FCBEA6BF901A5A
Requests: 27 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=_dqYJ19pTHRKdDFNQzVUbUUlMkZyYkxBSkJUUHdMMmw3YjlUV1dremo1bkF0TnlxWFRreUYxSUx1aFUlMkZ0dlJ6NWlhbGRBbEhYWTJ1alU4WEZjN1U3NGl1SWhEUGZ4QkRFV29VY3hRbVlxMVhVVjYzUVVIbmRyR1VPcnJoYTZGMVNjQzQzZ1RLV2ZKU3IlMkZWRm5SSU9rbElldHFvS3c3NFVtMEV2SzF5dEElMkZoYnppd1YwSmVPJTJCZ3klMkZLMnFROTdTWG53b3VtOG5pTWZpRUhVRGFQbTRaV3I5WFZPJTJCdEZYSFVKSEhsWk9DZmJaMWJNRzMlMkZNTHdxNGFhdDNFemtJUjd3MEVMWjhHU1RLdGxsNFJ3aGExTyUyRnFUQUxJd2lwQUdBOTFaUDd4MGtqdHJ1WHRqWGpFJTJGZFdSN3dIbSUyQmVLZExXeVdIdEZ5UVJNNXZiZmt2Z1ZUYlZiaGZyMmRjSmY2ME80eThIWnRmczlJaFQ5THJsWlRFS3Z4WmVURXlLRlhZY0pWejk4TlpObENLWDQlMkJCTHlRMzdHY1ZJdTUwJTJGWmJmUUslMkZqaFU0WnRXYjBBbWMlMkJaV3JSR0VMYVdGOG5kOGpiSU9QeEJWJTJGR3pyNlNLY3BiJTJGN1NiMlNqZ29QNDFxTmpXNFBpaGVPUzE1aW1ydCUyRmk3VkpLUSUzRA
Frame ID: 6BD644179241C931018D7A3541431204
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: C89C6D3E9DBC859D3DE6EB5CAF2285DF
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB13753F640A31A608B4272A2C5933B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2448B6F9CA5773761B6923815F3FE4F
Requests: 2 HTTP requests in this frame

Frame: https://ssl.connextra.com/NBCSports/selector/client?client=NBCSports&placement=DDM_APN_US_Sports_ACQ_300x250&_cb=1805027443&apnauc=3747064854672751328&bidid=3747064854672751328&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?TwE8aW1poj_q4uu2BDaTPwAAAOCjcM0_BW7bgwmNmj817zhFR3KpP-C6Hu2hPwA0XSLyqZJXQVgETTRiAAAAAMnGdgEYKAAAmBwAAAIAAABzT4UTudUlAAAAAABVU0QARVVSACwB-gC4cAAAAAABAQUCAAAAANwA-COcYAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21mxOJpAjtqMoYEPOelZwBGLmrlwEgACgAMTMzMzMzM-c_OglOWU0yOjUyNjlA7y1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjUyNjk=/bn=90745/clickenc=
Frame ID: BDBF61F57215A7CBFB1596EC6F24C583
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Frame ID: FAB1D5AAD9809EEFD447AD350E5087DF
Requests: 3 HTTP requests in this frame

Frame: https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QLLDfDtywYAAAMA1gAFAQiEmtGRBhDg9fronvSPgDQY3cTIz6ry1aBYKjYJTwE8aW1poj8R6uLrtgQ2kz8ZAAAA4KNwzT8hBW7bgwmNmj8pNe84RUdyqT8xAAAAQOF6hD8wyY3bCziYUECYOUgCUPOelZwBWLmrlwFgAGi44bkBePnEBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA1NzAwODE1LCAxNjQ3NTk0NzU2KTt1ZignaScsIDY1ODY1MjcsIDE2NDc1OTQ3NTYpOwEdBGcnATEUNzM3NDEwAQoENDcuHgAwcicsIDMyNzUwMzczMTYfAPCLkgKFBCFHbVZvMHdqdHFNb1lFUE9lbFp3QkdBQWd1YXVYQVRBQ09BQkFBRWlZT1ZESmpkc0xXQUJnN1FWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFReG02aXNsY3FrX3dRRU1adW9ySlhLcFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUdmZ1pJRDlRR1VrNjg5bUFJQW9BSUJ0UUkFJAB2DQjwVXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU1qWTU0QVB2TFlBRTVKejhCNGdFOTV6OEI1QUVBWmdFQWNFRUFBBWMUQUFBREpCAQcNARgyQVFBOFFRDQ54QUFBSWdGbFNtUUJaZXdVS2tGUWJlWE5FYnI3RC14QgUnVENVZXVnX3dRVTBNek16amRMZlA4a0YBOxx3TW9SeGpfUgkoCQEIMlFVCQnAQUR3UC1BRjZpYndCWUxKX1FmNEJjXzUyd0tDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCagFeOE16TS1jX3FBWUVzZ1lrQwWACQEARR0MAEcdDABJHQw4dUFZS5oCmQEhbXhPSnBBOgkCMExtcmx3RWdBQ2dBTVQZbUxPZ2xPV1UweU9qVXlOamxBN3kxSglzFEFBOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDAw0QUlrNXzgOEQ4LtgCAOACm4VO6gIcaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL_ICEQoGQURWX0lEEgc1aUkc8gISCgZDUEcBFAQIMW0jGPICCgoFQ1ABFDgBMPICDQoIQURWX0ZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BUREPEAsKB0NQFQ4QEAoFSU8BWSAHNjU4NjUyN_IBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3w5QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjUyNjnaBAIIAeAEAfAE856VnAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWosRb6BQQIABAAkAYAmAYAogYPMTAyNjQjTllNMjo1MzYxuAYAwQYABTUo8D_QBqkl2gYWChAFEB0BWBAAGADgBgHyBnIIl7BQEmw2aEZQRkUwQWXYREFBa0NCUUVJcy1DTUNCQ2IwYnNDR0l1V253TWdCeWdBUUtHazNRZEl0YVRkQjFEdkxWanhLWJ0aEEhnQWdRHRBsSWdCQUpBQkFKb0JBZ2dBgAcBiAcAoAcBugcPCAWKRCAAMAA43B5AAMgH-cQF0gcNCQmrBDRAAagI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=45048d90fd98dac4202dca8035d7fea3a824a80f&bdref=https%3A%2F%2Fwww.dailymail.co.uk%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.dailymail.co.uk%2F,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Duijfnrjjdk%26e%3D1556073704375,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Duijfnrjjdk%26e%3D1556073704375&
Frame ID: B5385BEA95A4FB099C65EF3C67E55020
Requests: 5 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Frame ID: F5EFA8B1928F398D08BCA94384A89434
Requests: 27 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=pwz2nF9qeHlaSHZMJTJCWXlIYW8zME8xd1RxSWF3OWtVQSUyRjdqNVJWcWc3cENQQkVCTG9HdVllTlpBclJhbFpKQ2prcm5VZjFUTmtEblElMkZiJTJGdkQlMkJINmcwOXBjWDZMZnk4M1VyTndMbkduNlclMkJFMHFvTVFwJTJGUVNhOXhXWmgyZEphSU9sV3F6QnRQbUhONDNSa092U2QwR1B2YkdEdWpLMXI2bmElMkYzWVF6d2paY3FnckYlMkZYQ29ra2EzbUNJQVd0YnhXNWsyaCUyRlRoNHlsbGo4emRwcXF2d2ljTTM1Sld2NElxSWdFMnhXSDBtT0Q4MlpFcVExVEppNGdibmglMkYlMkZnVjVTbk9DdjYwVVBhYkFCS1lYbFVPZHMlMkZGODZ5TDRmJTJGTmxuVkJHelVhQm05UUxjN2VZNTBnUmxtNElZS0J5b1hsUW1ONlpQMzRlaHZ4WUFnaUJ1NUNrZzV1cnl4ZGdpM2tiQ20yUXYlMkZCTlFYZ05SMXFBZXNrM2U4RnJBJTJCTXdQWk84N0dkWUt2c01IUU5uOVFEdk8wZnNEbFBHcFVzOXkwUHpWMmR3cWNrZXk3NmtuJTJGMkRKVm1HRHolMkI2WGlBMW5ia0VNZE53QyUyRmNab1hrc25HaVN0R012bW5QQXFnN0pBODU2TUhQTjlQZjQ4dkhFMGFXVGVFJTNE
Frame ID: 7AF4F2CBEA108D3B9BF951318960C5C6
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Frame ID: 8724E5A426DA1E9B032A8324BC01AD51
Requests: 27 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=Kx64lF9mZk83ajhmREtkbGVISHlhTkVxSlpreTlzZlV2MG5sem55dzc4TXRVN0VDUFVTbW9mUko0YjZ6N3lOVXklMkY5OU9nZGlESEtwZ3JDMWh1bHNFNEJLRkRORTU2NCUyQlNyTlpIYzRLNXVkV1MyOWlmT2NHa2d4TUszMVZOemElMkJLcndNdjRkZGpMQURJdzRvJTJGa0tUTDRtSTFwSjhXUzBqJTJCMDNaZTFaS1NGRGpkdHRubFRMYVo4ZkpRQ3VMZWRiJTJGSnViMkZXbktvUjElMkJ0ZSUyQiUyRkFQTTNQZkIlMkJzQW5DJTJGUGgxc1BBbllRNWg1M0V2eEpoMUN6YUFEVG13RTFIQkd3VjJwaHRVNFFjb2dLYWx5cGttQ3ZYRWZvJTJCaklQbXFmSDVjeW5MdjV0ZGdZUkRkNnRrdlZGNE5ma0gzWmRGbk5YSG5McVpOY3BBQm1jU0F2RnNWbUFlSjMzSUhJaFVhMFVZNlZGMUZDQ1lMQ3B3RjhzWVE0WjhoeU5ROWklMkJsSlJVaHolMkJYY2NvQUwzUzdqdzk0MmRlJTJCZDNYdG92QnUlMkY3b05uZmU4VXVCTFR6RyUyRnNYZ1JjYmx2SXZ5enV5TDVoJTJCTmlOTG00WnB0aWNFTTh3aVZTMlpzaGoweDZ1elhNdVdRTmVmNzBXRUlLUUVlWXdNY2dJZyUzRA
Frame ID: C2189640DC4598607C24B3E30AF441DE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 82B35B07D9DFC227B844361DC693BEE4
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Frame ID: 999A6BF3A19624505B2A222D72554FC7
Requests: 27 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=tddd1V9rUlIzcElmNlUzZnhSbVc2RUo3NnpBeWxmNmglMkJBUjlxZWhnOVFJcTRiWVVseTZKdHBPRWN3V21sOWk1TlBuekxjdGFMdEFnSU5za2lKVHY4b1hUTEQ0WDR4VDBPcG53SCUyQnlWRjg4YXdVblE3NlQ1dGtOOVRXQkxoaTdmbWtVZlQ4ZkExWFVLdHpLRERhYmhUaUhBbjd3Yk1vZGh6dlI2b0pRYkFEQlVOZmRQaXhNdCUyQjNNd1UwYjJXd3pwSFdVTzcyZ2xjclNKdCUyRk9oRkolMkJUVkVYUFpCNDViOTdpJTJGN1R1ZkpRYWxXcGZUYXFIT1F4YVhNaVBUNjJkNCUyRllZOFgyVFFsNXVVck9oSzZ6dGp2WG1XSUZhN0klMkZYZzhPSldvUDNlc0FRUkVIckwlMkJteHNzalhHWG1MRFIxWGZndWpnJTJCMTlrcHJyeiUyQkdoMTRmJTJCb0tTbElBcUQlMkZ3cGtYT2FOSlVxSHlhJTJGNEhKbmN6OFNwRWc2eml3dU0xNDh3NnhiQU9STFZPaGFJZnNkandaJTJCcFRmcmJoaWxJTWpPJTJGVFExdVB3dzNZVXclMkIycnJkTlRlYXdxdTJ5Vlc0bllIYXpJUnVIWWtBc1p5dkoxRXVlZHpOQnNHU1poZ3BWVklqRXJCNFRiT25hbnM4ZXhWZXhwWGslM0Q
Frame ID: FF85D938B3B6DD15D00D5C9A767EB19C
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Frame ID: 9E9617FD7610589E827DE6AF6D552C33
Requests: 27 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=OVpdoV9qUklmNnprcU5HUDMlMkJVVzY0V1hPM2JwWUp1YUlrbHhxSEoyNTVVRlRWMDVSZGpTdGtwcmc4bzdyYTRHNU51WDRQSmhlMXRjYXF4VmNxTnhzWmdZN2V1RXhuJTJGejJBWThqJTJGTThxYmptZllmMTFIRDZLanFRZUlKYUNYZ1BuTkhxNHJwbUt6dlhsNmU4VEY1VUZrWDJmMEVZVmFCcE5RM0JDVUwycE1EciUyQlI1R1NyU21GJTJCT0RVN0ROMGZ5ODM4ZDRPUEJQV2JVU0FuNFNmd3R2Qmhsa3F4RkE4UklzUm90QmlHQ0JCY3UlMkJ1JTJGOERMZ1I4MTNDdiUyQjdOejlkOEtnZ0d4aENQdXZJRlRtQk1WVkRrJTJGUzdpV1RLNDNhU1Q5U2FYeGJ4RlRQUHJ0QlBsVDVrRWFJWWlPQWFkcENhNUE2cUUlMkZBa0dlTGxqcDdQRlV5TnFTWmJoMzNZdUlqNXFvU255WDZjWWhQREpTcURzWjFWSUJZc3hLTEhPZW1keWJjcHVpbllsYkVxQTBtclFkbTJEYU5EbmdhcGZPTVEzJTJCRW00JTJCbHZya1hVb1M2M2xudmxzJTJCWkdEU1I4UVlvWjllN0h5aDdtQ2NpbHZwQ0JqJTJCJTJCb1hDWUgzMEV1amExZiUyRiUyQmtzU1l4Um03ajU3Y25hdUElM0Q
Frame ID: 2B49FB779E8DA45C00C04E427C8E58E7
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Frame ID: 6DB45AC89AC7B74DE1F47D8386386639
Requests: 28 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=EA6wOV9tJTJCUjF0YlplOVBtR1d6dFA2VzhkJTJCOVRsb251T1NpSGhWS1RPM3clMkJJQlpiaWFJektXQVUlMkJDZHJLWGJRem44UCUyQmtkUjJKdiUyQkN3RyUyRkhwRyUyRiUyQjdzSlI3aU9NUzFLYURPZVY1MDJlJTJGRTdOQUtWb3MyTTI5S2UlMkJiNmlpU3hCRG9RTCUyQm51R2pkdFg2YWlDMkhzS1A4WUh3JTJCOHp4dlIlMkJ5OWFQSWJPMEFaNlBnJTJGZWhWNXJ6SlFjOXJWTWpuR3RQNlJ0QVRRVDFuJTJGVXZHQ09VTzVzOFkzcERHTmVqeEI5QVBSdUhCRzJjU1VYcVlJYlVKJTJCYVhyUHlsTnVhUGpHRkNNUEs3VkQ4VkYxeElTYjJZbDRXWGVuQkNpZVZINHZWNGZXY2ZDamxHcG1oTUdHbXZjUkQzTyUyRm9wZTRNRFN0T003OHBibHRXREh6VnB6SUZXRXpZeWZLS0tVMWJPUUNaWk1JUEdsVkgzSUdiU3VseVRMQ3J4cSUyRjF0ZFRiUk1kcTJxR2JhN0VyVmt5OCUyRnc4WWtydCUyRklQblIxJTJGUURuWHdYMHM2VGdHOHFwbllIQmlYeXZsSTFvNFRXdWVrVGt0bnlzUW1oMEdMJTJGZ0FWQXJFRG5KUnZKVVhoMzZDQ0xsQnY2UFZ0OW4zWWROcnFKRUZydUElM0Q
Frame ID: C55013FE21F99B17334CE493D9AA5471
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Frame ID: EC20E02FF841A46AC17DF7481191B0D8
Requests: 28 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=gmEFjF9kU01SMFFaciUyQkglMkJkeHlEakdxZmVnUnByTTVKVHFtc3UybTglMkZHJTJGYUJDWWhpdUZUb3FIRVBDcGdXcyUyRnYybjc2JTJCRW9IZmx5U0hvNlZPdHJUYndYeUxpNTVWQ0ZrYm5YblBVandoc2V3WVA2bk9URllKdUh4OGhnY1F5c0hzYW1WUFBJdSUyQlg3am1nWXNSdEVWT0Fnc0pOY3NaQ0VjM1lzV1p2JTJCbFlHOTVDZXBRcUd6cEphV3NjNnpzT3FLeUxGM2QwQmFjZTRrVlp5MyUyQnV5ODczcWZZM0RveE96M2FoQzZ0bUpzd000bE9PUGN5VTRic2c1TUtkOGpMaUVrY25tU282JTJCSG1zczNiSDlBYWtlRFduOEhoaHp0aXJrUGRucURWdExlY3VENlRqT2FyJTJCcFNyVHhaWVduZ2swYjlPR0M4VTA2Q01YblZBamklMkZwT2lLY0s3WHAxREhtYkFhZyUyQllXb2o1c0pvJTJCbDQ2ZTZ0U1hHOUcwJTJGSXpNd0oyaDcxVkRRa1VhVUtLTTBWZjI3ek9IcGdyaUxPa1hhV2h6MEpBaDlXbUszUUoyMkElMkJqUlY0dlJ4VENQMVpySXJOJTJCb1JzJTJGSmtlJTJCaDhINm1PYzJvUW5PQ2ZhY2FkbEklMkY0dEc3Q2d5S0hqOEREWEgxdzlHb2clM0Q
Frame ID: A7AC9DB9BFA4ECFC00B83808EE953524
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Frame ID: AB97C706E5F61B74999E53B9C99F06A0
Requests: 26 HTTP requests in this frame

Frame: https://cat.va.us.criteo.com/m/tpd?dd=QmBttV9jdjZzS3Axc09SOW56emRnQUFLMjNXMlZhNiUyQnIlMkZvZnlUZnBnZ0tlTjdrREltdnBBJTJCTEpIRmdWZGVpSkQ4M3NiZ0txMEpWSnNtUGdRJTJGQyUyQlBLdlV1VDNrclpraDYlMkZXUGZsblBqJTJGSyUyQkpJUSUyQnNtUjJqWlBxJTJGYUxPaFl6VCUyRmhJdHRQTTN2VUpwNE5JejVIdGVrTkNkQkZwOSUyRiUyQmc5QTZUMW42enRVSDlOOW9FdUNyVWFad0ZmU0ZsbXowcWJrWDc1Z0kyd2ZtVzJVRUhac0NDQXR1TEZRNTZ6dHVCS3pQJTJGTGQwS3BQank2V1daVzRHTElBU3kzNWVjWVViUk03S1FNQU9FNDZpZjhGbUhiRnR5Y0ltM09MSUlCamMyckVXUE5BWE1Kdk4wYWxVYmZZdEpjYkN4M01CUzhhemhrSk5SYXBtN3FVSlB2UGRTMWFqNVM4WGFQZGk0MHNFMHFuSiUyRlRQcjJhNjkycGhGd1ZvR1c2OHlYMXFzdU90UzUxb1RaRFc3VlNnUEZIbjFtZ3l4U0dheUZtbEVmcTVkM3RBNk9RVFFQOGR4Q2xnWXlsaGo5eFhvemZhU0Z5bHVxV1NvczFuNDFNJTJCcWpmRTFhbVV1RWRxeVBXajJWQzgwamVrS0hURE9OYVlqdUk1bmRFJTNE
Frame ID: E38AE2D442CC86BA078AD71268C23F2E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bf3d6116-2f12-4b2f-8206-ce18651488a2
Frame ID: 072882690EDAB23B105830AA58F880ED
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 7B28DA14C67C019F11F2EC03BC16351F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=3jBWw7zJB5i_wU4YBk00Yg
Frame ID: 768B312C9F618A8F082FDC8C15E205A0
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: EE1BB90FC093476C16147EFB0B58A831
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 67B8CA1A9815F163154C7231AC145634
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 1571C8102616E07C50BC2D2095B7F0C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
Frame ID: 7B8D26CC2FEB75BD57CB0EEE6343237F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=19802351-4727-440e-b362-a84f0b4b3d64
Frame ID: BD2AD1ABF5ACE6F4A21880033AAC7140
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 687F076E8B852B7A8269ADE33C1A2FE1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WHuJLfrXCI2cs11LBk00Yg
Frame ID: A1B269526D169821346392A63D1B5842
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1D19D7BA8A3181A1DDD896AFA999AFAD
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: E3731794F2AACC3B25B5908C593FE0AE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 50134BFA7ABAB5C4EEDDC3E5F235DD8C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
Frame ID: 911AC9AC7A552A8AEEA1C58FB53478B4
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0D3797212D9E4221B343B0BAEFBE200A
Requests: 1 HTTP requests in this frame

Frame: https://ads.brandcdn.com/html/1594524_300x250_6213dff0931e6.html?fas_c=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3De923d3a7-f3e2-4649-b0ed-1bb25a32adca%26ag%3Dot2xv3l%26sfe%3D146bccfe%26sig%3D7y-Y6Z8yGWSEBBUOmeXtsQGOf42TKD7uwWBCtTHbQFo.%26crid%3D0ngdwb3k%26cf%3D3073917%26fq%3D0%26t%3D1%26td_s%3Dwww.dailymail.co.uk%26rcats%3Dzm4%2Cjba%2C7sp%2Cusw%2C5rf%2C7gr%2C3c6%2C2gy%2Chmy%2Cy29%2Ctmc%2Cd3i%26mcat%3Dttd-ct-52765%26mste%3Ddailymail.co.uk%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dtriplelift%26uhow%3D125%26agsa%3D%26wp%3D0.5%26rgz%3D14202%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D376%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D6.69%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTE0IgdCdWZmYWxvOAFQAYABAIgBAZABAA..%26dur%3DCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQo7Ch1jaGFyZ2UtYWxsVFREQ3VzdG9tQ29udGV4dHVhbCIaCNr__________wESDXR0ZGNvbnRleHR1YWwKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3D4ljBsE%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dtl_ltriplelift%26ipl%3Dhd_97758%26ict%3DUnknown%26said%3D16836037779496610436190%26auct%3D1%26tail%3D1%26r%3D&oid=55952061&fas_m=aax-us-east.amazon-adsystem.com&fas_r=&impid=e923d3a7-f3e2-4649-b0ed-1bb25a32adca
Frame ID: 859DA2D3C00C7363AB672F533777FF85
Requests: 2 HTTP requests in this frame

Frame: https://choices.truste.com/ca?pid=brandcdn01&aid=brandcdn01&cid=0701&c=brandcdn01cont1&w=300&h=250
Frame ID: 75A4E83B63DA16EFC54A7C27030EC1FF
Requests: 4 HTTP requests in this frame

Frame: https://z.moatads.com/adwerxxanderdisplay107885237416/moatad.js
Frame ID: 8C424CF253132914E7FF44F6ED81044D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Frame ID: 035AA1E11689598EC623C749B5A90F7E
Requests: 3 HTTP requests in this frame

Frame: https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QKNDvDtDQcAAAMA1gAFAQiFmtGRBhCP886KpMGdnlYY3cTIz6ry1aBYKjYJmqwn_z2guj8R_v5XVW1osz8ZAAAA4KNwzT8hLFzEa6aYwD8pv2VOl8XExj8xAAAAQOF6hD8wyY3bCziYUEDcE0gCUISnh6QBWLmrlwFgAGi44bkBeJO8BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTI2NTQ2MiwgMTY0NzU5NDc1Nyk7dWYoJ2knLCA2ODk5NTE2LCAxNjQ3NTk0NzU3KQUdKGcnLCAxNzIxMTczSjsARHMnLCAyNzE1MzgyOTYsIDE2NDI9ACxyJywgMzQ0MDUyNjE6PgDwi5ICuQQhZEd1dXBRaVl6dWtZRUlTbmg2UUJHQUFndWF1WEFUQUFPQUJBQUVqY0UxREpqZHNMV0FCZzdRVm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZk5KNEFmcHhNWV93UUh6U2VBSDZjVEdQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFHOGpxVUQ5UUZDSnpZLW1BSUFvQUlCdFFJBSQAdg0I8IF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0l5NHpCOFFBUmdDTFRNek16LWlBdzRJakxqTUh4QUxHQUl0TXpNelA3b0RDVTVaVFRJNk5EazRNdUFEN3kyQUJPRFI4UWVJQk9uUjhRZVFCQUNZQkFIQkJBBY8FAQh5UVEFCAUBGE5nRUFQRUUFDAUBeENJQmZZbW1BWDRzTDJCQWFrRlFiZVhORWJyN0QteEIdOzx3UVVBQUFCZ1ptYm1QOGtGAT8cWUlGRDBEX1IuKAAAMgUoAQHARHdQLUFGX0lvQjhBWFV3cG9JLUFXMnNNRUNnZ1lEVlZORWlBWUVrQVlCbUFZQW9RWQE1CQEkS2dHQkxJR0pBawkQAQEAQh23BEJrARIJAQBDHRhETGdHQ2cuLpoCmQEheUJBUXJnOj0CLExtcmx3RWdBQ2dBTR3dTE9nbE9XVTB5T2pRNU9ESkE3eTFKCV4UQUE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MEDRBSWtCERDwRjhEOC7YAgDgApuFTuoCHGh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay_yAhEKBkFEVl9JRBIHNTI2NTQ2MvICEgoGQ1BHARQACHF2ARUIBUNQARQECTJxbDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAsCSCYQ09ERRIgYzc1ZTU4M2Y3ZTRlNTg3MGJjMzJkYjlkZDIyODE5N2PyAS8BeQBDBS-YMzc4ODcyNDg4NzRiZGQwMjc0ODUwMjFiNjQ4MTViZjPyAgsKB0NQCS4cAPICEAoFSU8BoTgHNjg5OTUxNvICKwoHSU8JIdAgNjczMzg1ODM5MmRmYmRiYWE5ZTQ5OTk3YTQ2M2E0NGbyAhMKD0NVU1RPTV9NT0RFTF9JRAFXDBoKFkMuFgAgTEVBRl9OQU1FAR0IHgoaNh0ALEFTVF9NT0RJRklFRAEhHBUKCFNQTElUAZg5OfCVgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMjUyNCNOWU0yOjQ5ODLaBAIIAeAEAfAEhKeHpAGIBQGYBQCgBf______AQUYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9ck0-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AGmQnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAONweQADIB5O8BdIHDRV2ATgI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=26407ec7c671a81727b4bfae0599e79c5df7b48f&bdref=https%3A%2F%2Fwww.dailymail.co.uk%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.dailymail.co.uk%2F,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Dvblctxybyam%26e%3D1556073704375,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Dvblctxybyam%26e%3D1556073704375&
Frame ID: BD3A0337BE5E5277FCC9DD86E99033E6
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Frame ID: 9F4E079307EBB1631CE82CFB0042CC32
Requests: 3 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d0439aeb1e4dca9b65303cb2362
Frame ID: 8EFF2674DFC892A20A6118F9D5F042D8
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d042e6edafa09ace9c23dd4bd84
Frame ID: 18842D78C56339B76CC214DB3BD59C59
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d04fbb2df27c584966d0ea5790c
Frame ID: CB285AFF62242B3BBBDB55DF98C07972
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d05fc8555cb18aa880b1cf63d3d
Frame ID: 0EF9C6F6FCB5E70308A1B8E12333463D
Requests: 1 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_MarchMadnessCBBPickNRollMar2022_300x250&pubhost=windaloop.com&apnauc=3747064854672751328&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FTwE8aW1poj_q4uu2BDaTPwAAAOCjcM0_BW7bgwmNmj817zhFR3KpP-C6Hu2hPwA0XSLyqZJXQVgETTRiAAAAAMnGdgEYKAAAmBwAAAIAAABzT4UTudUlAAAAAABVU0QARVVSACwB-gC4cAAAAAABAQUCAAAAANwA-COcYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21mxOJpAjtqMoYEPOelZwBGLmrlwEgACgAMTMzMzMzM-c_OglOWU0yOjUyNjlA7y1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjUyNjk%3D%2Fbn%3D90745%2Fclickenc%3D&client=NBCSports&dspid=3bc1d7fd2e&placement=DDM_APN_US_Sports_ACQ_300x250&bidid=3747064854672751328&_cb=1805027443
Frame ID: 0AD09772F27F6533773C6A8C88245B00
Requests: 2 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d04e4952d5d1b00f23cefd507da
Frame ID: EE3E335DBB0461864B402C70E4AAF8EB
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d0457b7d60ffac03fc3d185c063
Frame ID: 1FBCF0FE164470E39E8C5C23F115FD8D
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d059f5bed36dd5e6b579ac23947
Frame ID: 5D29AA92E37447F1BE8FCE1AF6B11305
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d0570994f1e553fc00d985cf14f
Frame ID: DBA0F64E2AF498AE046FFE5D40B4EF05
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d04d798fbb841a1b6b2bc93b656
Frame ID: 5FAD58E777B029E0208C33D4BB76CAF9
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d05ceea22777aa43880e89e491d
Frame ID: 3D080CA760953008AE75C3D7701D06DD
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d04c061eb2fc49b45618dafb9b8
Frame ID: 15E82C768C0F90FA1CD9ED5E7DB80AD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Frame ID: 8EA9E516612D710AEDF14CA8FADA630B
Requests: 53 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 0DCB7B21667C8A0914D13B75B3562CC9
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6BE3AA78892D8E18E4A3ED33E49E3CED
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1064AAF28A7D14908E8EECC86B048805
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 90D7663997FD75626A557191C52B875D
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 0DBF0027A13187E863B9A871C86F30D9
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AC9CCD5F9C2D8A822BA678781ACC162B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BEBA634B9BA5F58584072496DBF3900D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 713AE348E106D2DAC4BDEFEB1F76DAD3
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 023F9982299F6DAB037495FFEBC98B79
Requests: 7 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 98EFEF2C5FCD4B5D423B194F90ADE6F1
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: AAA4498588E363E9E2105385AF69976D
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 80D925BA8839204BA9A0B44745D3DED6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 89EC9A52273A52C5E29F12DF7317F6FB
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 4F14DDF7822A1F730663537EBF51345C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9509AF02347BA99C7CF52606215842B9
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 836C65D7717A464391576E37654088A8
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 68AEAE1ADCFBBE30490B53E9E39EAF7E
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0D5292F70AC4848850B49BCF24049643
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E40436106AC00443C28779C0C56D76BF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 320F8115087343CB6A1A3CB5D19EB333
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: D6B96135A9088EFBB832CE29D45B5FF7
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: D7A5D0710409E3FCBB2D5464B1DDBBC6
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FD9D3EFBB5F44F48B3229A560B7911AD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CFB0699E0326923966593622298B3553
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 356016E99B09A301749D7DA5F3CFD9BF
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4544F423344095FBE22E9317C62B27A8
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D8455F5BAC853021A256597DD9BEA17A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A9CC15A01E620D6F0B006297D9281FD6
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 082157AE2A3E96D998D5434B4437DE4C
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: D047A1FCD6338104EC0A014F07CEA24A
Requests: 7 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 43F03D9A34B524A6367E01810AE23245
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DB293A3E91B4E54F3BFE560CC057251D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1BB16C3647B847E247F6A765ABEA479D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9236672E7ABE0F3828417F47234C3759
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: FE3B36BF10BEA6DE53FA4512B741C1B4
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 7CFED99A54F4C7E5B508730408821587
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8D68297DDEA3EB960A80FB28AA6A7616
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 889C3949479A716DEAE36555F7A0A7B7
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5A9BBECB203C2093095C3691F074CEBC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F69570274433331E7D3FFA497FC140F0
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 218131109A56EA5648BD4B88C88162D0
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 502390AC8F616396367F10B22601531E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3FB2B315E7C5FB6C8BC80568A55B6B64
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 019616873089AE69009635E716C25093
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 1BEC625B511D65F29FB7D199B4CBEBD2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C1A8838EC283006E179FEDF628F5435B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C301529CF8A2DA1B0B89555CB061114
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: A4C61BE8672AEB6E6E9B6292BE16FED6
Requests: 5 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: D25B3EDFF91EC946AAA8DE16B02AF0E2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F9B16331D334F268CC3486AF8F1B1C42
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0345A9084C85EC3522982DC300535CBE
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 05A512D1E2D9D27CC4F53A56CEEB4D90
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C364F33DF87DDFDB7B3063C45D1B66AC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6F6CFEC1007995A07E050C2933075198
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 4D7701D8F707A31880A2415607760932
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 78765D91D32267D2A9201D3C5999DC46
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: D7A13121B259BFDE5561FC7A4DBB4DC1
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: BB9C4F874747EBA1D9D0FDDCF54FA9B2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4445E06A30891F31A3EF8AF0C326DBF5
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 74CD75D13639786519B09631B80318B4
Requests: 2 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/imp?aid=249101&cid=2711281&imp_ck=09a7be08-91dd-4f04-a167-a1ac372be137&m=aax-us-east.amazon-adsystem.com&r=&crid=8229084&oid=4932764&impid=e923d3a7-f3e2-4649-b0ed-1bb25a32adca
Frame ID: 4E08BEC8B66E4616DBDBDC85CC132BBA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EF5FCE40FD2421481F94690681C07C2D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0B9895126851A917B807F77BD2B9F3C4
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 7FF71DF3D305CA01A5B437CB0CD35921
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 0B858E7390C7E00D0214B084E973E4AD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 08A268124FDC8901A2C36DA1D63BC414
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: 54A9BE4A9D593EFFC13C943BBD92FD31
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Frame ID: 36795D75C94AB328F782F77D3FEA39D6
Requests: 27 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Frame ID: 4C05C0D7985A2BB4F98B400B729AEE99
Requests: 26 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: D2187AB201492BDE9252B035E89178AD
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Frame ID: FE3A12BE9F31E6E07D1EA22B51D0DD45
Requests: 27 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Frame ID: 1B2D1F2A4F9108D8BEC760982ED449E5
Requests: 27 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: 4BA1ABB5E46267254161AD19F2B2B788
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: A69016D30B60BB6B2EB1335C271299F2
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ff3047b1.js
Frame ID: 6FDE1DE6F600452E0F799FCD526FAB6F
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: 756EEB8E7C135864EB0228F991E07C7A
Requests: 2 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Frame ID: AA8025F9AE201A2A95490D22B40046FA
Requests: 27 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Frame ID: B6E6F94727A70295E008996DB12E2108
Requests: 27 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: 2BC6DDBAF8643D69C05FEB5B6D046D04
Requests: 2 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Frame ID: 0E8E69BD7B1A9D933170A0B2C9247153
Requests: 27 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 94D228136FB0EE3FC6640627C26684A5
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 653A65716E58970B500B63293A3954B6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EF45E069400FE2B7471DFEBE52CA829C
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: D804E4DEC1CCDBBA5B982C6A5D6350B1
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: B68799B95B72E630527AF139E905A297
Requests: 1 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Frame ID: DC3B2FDBFA715FAA680F71F60037C7CA
Requests: 27 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: BE58AD6A9AB28DDF840D3D4E44CB852E
Requests: 2 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Frame ID: 2472BB3CC030AA680372850E2B6D553E
Requests: 27 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Frame ID: 2EDB69F95B27DF51458564FC2A3E9D9A
Requests: 27 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: 4CA997736D2E7DCAF436666903ADD921
Requests: 2 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Frame ID: 4F58DA9B15A3CEEA147BDEF66E44F0FB
Requests: 27 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: F8CABF9452144D34CBC1BCC5E8025565
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: F8847A1830A51090B9988A1F5A86EFA9
Requests: 2 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
Frame ID: 33859285A2027ACA7266CFA71FD9159B
Requests: 4 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=5ft7yHrTcDZd&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
Frame ID: F57DDBC31007D09DB9E3B1986C6A94A0
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: B25114A85F28CEB25168A060590D4702
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: 9C67781391C7BE678E6248F0162F72AE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: B8B1A83C4A2E1A76CD0D19645129398D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Frame ID: CDB27C4239080C07007CFD5C6A2E057A
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: EC0A59D2F103CBF839F549DA94A57C9D
Requests: 10 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
Frame ID: 3D1308044CA13C64A1777AD86C35AF7B
Requests: 3 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&CACHEBUSTER=957517
Frame ID: ABC7BE4D889791A163E046C40859AB8D
Requests: 7 HTTP requests in this frame

Frame: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Frame ID: 8555E2B825CC9F955A0EC18DEDAAB7BD
Requests: 31 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Frame ID: 2016B362087996AAA16EBF5477E619C3
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 2F98860B2C437A3694D6C9F57C9287C7
Requests: 10 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N6103.3128940STACKADAPT1/B27369999.330334713;dc_ver=85.248;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=2822073652;ord=ld0eji;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Fwww.dailymail.co.uk$2,,https%3A%2F%2Fwww.dailymail.co.uk%2F$0;xdt=1;crlt=!yTTu-bsV3;sttr=933;prcl=s
Frame ID: DDFB06949385BB3DE0D9C53ADEA79553
Requests: 9 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Frame ID: 954501508FD41D4289CEDFE9451FC8A5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=30317
Frame ID: 3BDD86F2E54EE1DA9B13DCF496192F45
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0FB282D6F049D1C00D0FFCC671FC9768
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8347514/1646342969228/index.html
Frame ID: 125DEC3D0A25FF7E182199C405B4C64C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 282ECA8024AEC098AC7C6BC3F0BDF8A8
Requests: 3 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 2682E05B2DEACBFA888167216564576D
Requests: 2 HTTP requests in this frame

Frame: https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/crossOrgInlinedMin.html?command=getCrossOrgUserId
Frame ID: 6D5F089FAC28A504783538E568A2E2A1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73C21B0FDFC062370D5F91ADC9F0BF93
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7F5051E06665584FAABB7B9773CD0F2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B77C404834E4C633C4DAB355070A3079
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29A9534130508FB03C0F1E23F998456D
Requests: 2 HTTP requests in this frame

Frame: https://sync.bfmio.com/syncb?gdpr=1&pid=170&us_privacy=1---
Frame ID: 09BF981C6621A4EE6F9DFCF52D381EEB
Requests: 3 HTTP requests in this frame

Frame: https://sync.bfmio.com/syncb?gdpr=1&pid=170&us_privacy=1---
Frame ID: 23D871AA25C10B6EB50F186D6428BF1C
Requests: 4 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?gdpr=1&callerId=4&us_privacy=1---
Frame ID: 4DAB7BEBD3BABB77BF647F1D95EC4D7C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 7482542B846E4077E1384E3C70C2C7F2
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?gdpr=1&callerId=4&us_privacy=1---
Frame ID: 91D57A3C2735C72D6FED252D93C5E75C
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=1&taboola_hm=B93E2E12-AA9E-4220-8310-B08598FC53B9&orig=video&us_privacy=1---
Frame ID: 1D4FC08EABC607347ECA48831C7EF060
Requests: 1 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Frame ID: A48E641997449C6C66FD3D01D6E349C8
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?gdpr=1&callerId=4&us_privacy=1---
Frame ID: 96FC59AEE41A05CF7836B5CF9873D06C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 524258F09D35A15E52EBF1F8DB702AB1
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=1&taboola_hm=B93E2E12-AA9E-4220-8310-B08598FC53B9&orig=video&us_privacy=1---
Frame ID: 579C429DB8C9F6F83499899944D1833B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: D423D9B9ADECCA0E3899B7A45190DAF8
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 17624234F1EAAEB353C757D7D35194F9
Requests: 16 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: E96D727B972892F430D74874F8EF3492
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 0BE36EDCC503D941C0A8C2A4FC2EAF8F
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Frame ID: 8F71D64ACA9A0702293360E9168AAAC9
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Frame ID: 9B0FF0BE790DAAE5319BBF42EE49A799
Requests: 5 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Frame ID: 92788C7EFA58B5E809496F388D40D862
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 8BB584D2FEC3AB732844D126B8B4A3B8
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=1&taboola_hm=B93E2E12-AA9E-4220-8310-B08598FC53B9&orig=video&us_privacy=1---
Frame ID: CD0E4A180050211CCE74D6F0180827C6
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Frame ID: FA9C635C6FE98B7BFF87730B33CC1F6E
Requests: 7 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Frame ID: E3C1BF64F67319BA2F9B9D29284821BB
Requests: 7 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Frame ID: 05FB193C6FDFBE40871359311BC630FE
Requests: 7 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=9947282a-9962-4996-b93f-5460e5cb290d&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
Frame ID: 0098781996B21324D9FF8A99FF25C1B6
Requests: 5 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&&taboola_hm=0b9r5uPyhAf7&orig=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
Frame ID: E770AE2A98CA91378787AB3B9710AE62
Requests: 4 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=taboolapmphttp%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtbhv-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BBUYER_ID%7D
Frame ID: B8301FC5FE7199EFCD2297662FB4E0C4
Requests: 4 HTTP requests in this frame

Frame: https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Frame ID: 560C89953C52247CAEA7FD67298091AC
Requests: 3 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=QYi3g69PjTQs&origin=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
Frame ID: 5C3D7C101D887F88F693C99C5F7BB828
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ff3047b1.js
Frame ID: 8BED7E759CCFA2746041F383497E671D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Will £148m EuroMillions jackpot winner share his fortune with long-lost half brother he has never met? | Daily Mail OnlineEmbed iconEmbed iconDark themeLight themeTick iconClose icon

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/byCVCXDPMgi6RAmph6ikWl?domain=dailymail.co.uk HTTP 307
    https://protect-us.mimecast.com/redirect/eNqtVVly20YQvQoLvxFIzD6jSlJmZDmxS5JjWbKchCnWLA0SFgGwgIEZ2qWf3CKVY-Q... HTTP 307
    http://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions- HTTP 301
    https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions- HTTP 301
    https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-lon... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

2832
Requests

71 %
HTTPS

21 %
IPv6

217
Domains

421
Subdomains

258
IPs

15
Countries

28961 kB
Transfer

60681 kB
Size

433
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/byCVCXDPMgi6RAmph6ikWl?domain=dailymail.co.uk HTTP 307
    https://protect-us.mimecast.com/redirect/eNqtVVly20YQvQoLvxFIzD6jSlJmZDmxS5JjWbKchCnWLA0SFgGwgIEZ2qWf3CKVY-QIie-VBigvlOw_fwE9vfD1m4fHt0nj1zE5TGxpV0VVb9pr-2DRFQE2RQNjX5fJQbKqfXJIDpIGPBTrGIsSMJZcCZYZIrMswxwOoQeJjdH6ZVHlNc58O7uNS6hiO0sOf8OTvFjBmS0Bw1kSG1u1ZdG2RV2NoVzNkoNZ0i4tGbIMguYhSJkZQ00ulFfUM6topqlTzlgJQISx77uokEOfyriQnuTMEqY8V1xwzXhuNTfcZ9zbLA9OeKKow1cN1gWZKUe8Bi-J5sO8MohhGOVaKkGJV56AhRxLqVGeCYTkwImhuKnr-PxrA0CaL7brHVEltK1dwGzS5F5Tmraxcw7CbvPiTV_EGKE3B3cZdnXYjpex3Gc2Cyq3ylHOM2sp1cQDtwy4yAlnhhIhQHrOzV1mg8w9wjdUKYsbMEFzKjWqwFjmQnA8zyXDFYIHRaR01BOTe0IktY4ECXvMSimp1ppq6z1xAoQWIs8NEWBybXj-OWa_DoBPmY3wR5xNkKHVp2QSLrIvkBmxfp9Ma6UVqAfUo0eRAgGFrFrLMyk5B9DCcqbuy1Q65lEQKjhlgBKpteDCcOmdILhn6HkQuAw-FCeZd06iYDTJc4uLmz0yHYqUodIIM15aCNQwgoSCyJ2SOOWzMv0qAO6TuV7Zotpjkwp98_sNWklAV_G93zyuMFoXAZPqIHFtcoiPtUWjSY4un08JYVPBsMQO1UdL8NeX5ye7AzQLPJt6j2Fb2naJkQy4FTfMc9tfhA1WZbh4xoJ3JrCghGAE1-hbqtBgR11tiwhtJPTBorTF6tbs2s696r3r-OXFzejX0eLff5rtaNHY2K2sfwWjYrSBtn73J4ze_b0p_vsr1htbFTDG1ljG07qrcKekayM0JUn61fy9pXrP_eiRyEixLj6xyOq93qZVZUenH4x5oBR6rEP2i5Y91IW6HG4BC-8kdzcBbU--ECgbYUxv4T0vH1F9AHF6Ph79eHly8nh6Nvph-sujp-cP7wD5HJP3MOwlivXOWzMz1mJMiRkTnQ2ZZd3GneNhfbp1JM0xNV7U9WL1Hv-O6rM64N9QkmU9o8UaX_fH4WnZLvolk2-PpqfPu2_SNw5-Ti8pfXRFY1Sv7fpSTV9sXz68WFyd2Wdx_aTsuu-uXsL26uLZgwHwB9jf9-N2Jhzb4bcozRhRhFCN5m405rtmhZlljOvD2WQ22Ww244Dt29sZ4-56Nqlg084mtomFX0FKiVbGmNnkqlitUsJ1mR53TX2KEYq8Tft76vW_mPsU5l2bkblR89fBqJTMP0pqvkODWSLnt9JLkZhUCiY5ZVRxnNTLAGcBPVfH18v56dnRiyfhzcnxT08L9wzzHjvrEhq_I3ZfsbDYfXXrpo74BaddO-6_fG_bOHw4N_8DAhh-lQ HTTP 307
    http://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions- HTTP 301
    https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions- HTTP 301
    https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 155
  • https://id5-sync.com/i/167/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/167/0/9/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/167/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F167%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/167/2/8/2.gif?puid=6359460436251910749&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttl=%%TTL%% HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENbRD0remzScX6oPlDae0KQ&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENbRD0remzScX6oPlDae0KQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6359460436251910749&opid=apx&ops=&utidl=tech:goo:CAESENbRD0remzScX6oPlDae0KQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A26018534275&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAGn007EaJoAAAyap1piaQ HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F796%2F4%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/167/796/4/6.gif?puid=8a1de752-a69b-11ec-92c5-fb53764b0872&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F429%2F3%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/167/429/3/7.gif?puid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=0&gdpr_consent=
Request Chain 208
  • https://pr-bh.ybp.yahoo.com/sync/appnexusprebidserver/?gdpr=&euconsent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dbrightroll%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=&gdpr_consent=&uid=y-YMXV2ENE2pGgXba1nwTkR_YLUUAGPYkBJs7Ro8Uja4zTsWnXnD7BXE8-~A
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=fc90bebe-df0f-4783-9136-4dadff05fcca&u=869b04fa-ec24-4695-beb4-53b261fa91cf HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEFHalaYu0qYsUvzNQ5KVB5U&error=&type=ddp&k=fc90bebe-df0f-4783-9136-4dadff05fcca&u=869b04fa-ec24-4695-beb4-53b261fa91cf&google_cver=1
Request Chain 225
  • https://idsync.rlcdn.com/463146.gif?partner_uid=4fb1b838-50eb-beb2-fc23-7e189ad55028 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKqiHBIwCiwIARD0-gEaJDRmYjFiODM4LTUwZWItYmViMi1mYzIzLTdlMTg5YWQ1NTAyOBAAGg0I_ZnRkQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=444409272da3f4da47b750e452f5ea7a3ddff044ef23a1a1085902591128ec82791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0NDQ0MDkyNzJkYTNmNGRhNDdiNzUwZTQ1MmY1ZWE3YTNkZGZmMDQ0ZWYyM2ExYTEwODU5MDI1OTExMjhlYzgyNzkxNDI2YjU0MTdkY2UyMRAAGgwI_ZnRkQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0NDQ0MDkyNzJkYTNmNGRhNDdiNzUwZTQ1MmY1ZWE3YTNkZGZmMDQ0ZWYyM2ExYTEwODU5MDI1OTExMjhlYzgyNzkxNDI2YjU0MTdkY2UyMRAAGgwI_ZnRkQYSBAgCEABCAEoA&google_gid=CAESEK-SNJBi0Zyod6AF0OeYGoc&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Request Chain 226
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2781&partner_device_id=4fb1b838-50eb-beb2-fc23-7e189ad55028&partner_url=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FTapad%2F4fb1b838-50eb-beb2-fc23-7e189ad55028%3Frid%3Ddc9f4590-7bca-4faf-a635-dfc4b1d024e4%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26exid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2781&partner_device_id=4fb1b838-50eb-beb2-fc23-7e189ad55028&partner_url=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FTapad%2F4fb1b838-50eb-beb2-fc23-7e189ad55028%3Frid%3Ddc9f4590-7bca-4faf-a635-dfc4b1d024e4%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26exid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://crb.kargo.com/api/v1/sync/Tapad/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4&gdpr=0&gdpr_consent=&us_privacy=&exid=af231e30-3711-4eea-abed-7905c7506b1d
Request Chain 227
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=3wvez9v&ttd_tpi=1&ttd_puid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028 HTTP 302
  • https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=f67a371d-f285-4ca2-be6f-f2af79502cb4&cbid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028
Request Chain 228
  • https://sync.mathtag.com/sync/img?mt_exid=65&redir=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2Fmediamath%2F4fb1b838-50eb-beb2-fc23-7e189ad55028%3Frid%3Ddc9f4590-7bca-4faf-a635-dfc4b1d024e4%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26exid%3D%5BMM_UUID%5D HTTP 302
  • https://crb.kargo.com/api/v1/sync/mediamath/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4&gdpr=0&gdpr_consent=&us_privacy=&exid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=kargo_dbm&google_cm&google_sc&google_dbm&gdpr=0&gdpr_consent=&us_privacy=&krgids=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028 HTTP 302
  • https://crb.kargo.com/api/v1/dsync/DBM?exid=CAESEKoSd70A_ddBqFqGOtNUctA&gdpr=0&gdpr_consent=&krgids=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028&google_cver=1
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=kargo_dbm&google_hm=NGZiMWI4MzgtNTBlYi1iZWIyLWZjMjMtN2UxODlhZDU1MDI4&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://crb.kargo.com/api/v1/dv360_cb?gdpr=0&gdpr_consent=
Request Chain 232
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&uid=7c645530-439f-430f-be08-f3bda86d545b
Request Chain 239
  • https://secure.adnxs.com/seg?add=26427592&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26427592%26t%3D1
Request Chain 240
  • https://secure.adnxs.com/seg?add=26762887&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26762887%26t%3D1
Request Chain 241
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fdpid%3D267%26segid%3D10277 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fdpid%3D267%26segid%3D10277&rdf=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=267&segid=10277
Request Chain 274
  • https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-s5m8k&playerWidth=636&playerHeight=358&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=0a86fd6a-476f-4512-8513-0e5497e7fd70&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json HTTP 302
  • https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-s5m8k&playerWidth=636&playerHeight=358&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=0a86fd6a-476f-4512-8513-0e5497e7fd70&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json&_tur=T
Request Chain 291
  • https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-eqad5&playerWidth=401&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=0531afe9-c036-4c7b-af58-ce68646a07b8&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json HTTP 302
  • https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-eqad5&playerWidth=401&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=0531afe9-c036-4c7b-af58-ce68646a07b8&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json&_tur=T
Request Chain 317
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=dailymail.co.uk&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pAtCkXxkeXllZ1A1RjROalNaYVZPRjFSU2JMRm1lSlVicDJrbVNxaEZxWE9rNDY5M2lZbGhPUnFaTythSHRNVUFSem1GMUE1M1BOWUZwbWRrbHJYMU15MEw1azVnNDlncXREbXBVNERqbHpuMDdRQjMrcXZaSk5UMFE2Ym42UGwvOXF3Y3JQdE9zZnlhVkFuWDExMngyVC9QTThPZlE3QlBoUGZVK2VIRS81SVpxU2xKSUxDSE1rSzlKZmlDbDRCaVh0dXFXNmJDelpWblJEN1pHZkI0V0p3TGxSazBIdWdmdS93VU42YW0rQ0h1bnZmajR6eXR0Vjl5RzBDYkhVRUozRWdKQ3dXRnE0WjlVNmdCZEFBZDhtcVYrZz09fA&cppv=2
Request Chain 330
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_bf_rx_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_bf_rx_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Request Chain 360
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Request Chain 364
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Request Chain 366
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Request Chain 372
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Request Chain 374
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
Request Chain 381
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Request Chain 383
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Request Chain 385
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YjRM-gAN66WnSAAy HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjRM-gAN66WnSAAy&_test=YjRM-gAN66WnSAAy
Request Chain 387
  • https://match.adsrvr.org/track/cmf/openx?oxid=3848614c-d72e-7250-c652-1ce5641798b2&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttd_puid=3848614c-d72e-7250-c652-1ce5641798b2&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJi6WeOiMWIQUTfJ_csnBLs&google_cver=1
Request Chain 390
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7c645530-439f-430f-be08-f3bda86d545b
Request Chain 391
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=77c60781
Request Chain 392
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5036F47B1E164C5B8C56BBC185A6E0FD&ex=simpli.fi&status=ok
Request Chain 393
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6359460436251910749&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=6359460436251910749brt57461647594750670190ab
Request Chain 395
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 397
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=districtm
Request Chain 398
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8297679604156303488&gdpr=0&gdpr_consent=
Request Chain 399
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7ff366859f2d121a&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbf6_kKU0-QMAVGcRAAAAAAA&expiration=1647681150&is_secure=true
Request Chain 400
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOzYnxtgS0gmtmBm_sZL1Y_x6vUXPfNI1IrGt9ng
Request Chain 401
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3142368608644553920
Request Chain 402
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Request Chain 403
  • https://usr.undertone.com/userPixel/syncr?partnerid=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=4c54f48e0b62419f8f97f771c71e8375
Request Chain 408
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wYWNJd1ZoRTJ1TDF3aDdsLnpBZWNMQ0xrYy5yNjNqSn5B
Request Chain 409
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=appnexus.com
Request Chain 410
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 411
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2230631680262455077259
Request Chain 415
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 417
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&gdpr=0&gdpr_consent=
Request Chain 418
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough/ HTTP 302
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHVUEGOLDL5FHQ5LLPBVXKQS7FVWFIR2BO4 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHVUEGOLDL5FHQ5LLPBVXKQS7FVWFIR2BO4 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=hC9c_JxukxkuB_-lTGAw
Request Chain 419
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=898167d1-a69b-11ec-a277-16f784d60003
Request Chain 420
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
Request Chain 421
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=6359460436251910749
Request Chain 422
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_55e3ef01-907b-4e81-87c2-f443b724f20b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=9a7bcef6-93dc-4314-bf35-77a9997a608a&ssp=gumgum2&bsw_param=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=7c645530-439f-430f-be08-f3bda86d545b
Request Chain 423
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28sIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28sIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_55e3ef01-907b-4e81-87c2-f443b724f20b&obuid=ENC(sIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DsIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=77c60781&obUid=sIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42
Request Chain 424
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=cf75c53c-ff3b-4a06-a129-0c08ac4799f4
Request Chain 425
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-371c9cd9-2321-407a-69db-82e264089b15$ip$96.9.249.42
Request Chain 426
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-IJNj.MhE2pd_mMdhNscg.6yGjfblSaFVsM9W~A
Request Chain 427
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=8a1de752-a69b-11ec-92c5-fb53764b0872
Request Chain 428
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=34B9E82E4748403EAA98BCED7FCDFCB4
Request Chain 430
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_55e3ef01-907b-4e81-87c2-f443b724f20b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVUEGOLDL5FHQ5LLPBVXKQS7FVWFIR2BO4 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVUEGOLDL5FHQ5LLPBVXKQS7FVWFIR2BO4 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=hC9c_JxukxkuB_-lTGAw
Request Chain 431
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
Request Chain 432
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1647594750949 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1670903602 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f67a371d-f285-4ca2-be6f-f2af79502cb4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Request Chain 433
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=tHsVYykq6Lae&ev=1&pid=558355
Request Chain 434
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=8297679604156303488&gdpr=0&gdpr_consent=
Request Chain 438
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6359460436251910749&pn_id=an
Request Chain 439
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=r2EHv60wUu60ZwO5qTEZuq83DL20ZFG6_GW655l5 HTTP 302
  • https://ads.yieldmo.com/sync?userid=7c645530-439f-430f-be08-f3bda86d545b&pn_id=bsw&extinit=&gdpr=0&gdpr_consent=
Request Chain 440
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=f67a371d-f285-4ca2-be6f-f2af79502cb4
Request Chain 441
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=IXpJUf0fTLpw23126tpzuWAJ-So
Request Chain 442
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=QKodMwjjXFVx&ev=1&pn_id=pp&pid=561118
Request Chain 444
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=f67a371d-f285-4ca2-be6f-f2af79502cb4
Request Chain 445
  • https://nep.advangelists.com/xp/user-sync?acctid=49&redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D167%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.bfmio.com/sync?pid=167&uid=av-951e2293-d2ed-483f-a976-5bdc8a2c1514
Request Chain 447
  • https://pr-bh.ybp.yahoo.com/sync/beachfront/d7a5f40113e0d3244ed6d5ba7c22ca6f471fd0b9 HTTP 302
  • https://sync.bfmio.com/sync?pid=157&uid=y-7TO2EhhE2pJO_pl9Xyni71_w1zgvwXJ6bhWlfgn9vg--~A
Request Chain 448
  • https://www.storygize.net/ccm/ab07fd15-2039-48b6-b2a2-4c9d1869ba93 HTTP 302
  • https://www.storygize.net/csr?r=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D178%26uid%3D5da0036c-9b6c-4679-84ff-2073e189b78a HTTP 302
  • https://sync.bfmio.com/sync?pid=178&uid=5da0036c-9b6c-4679-84ff-2073e189b78a
Request Chain 451
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=5sXF81LhMv9MWGJQujci&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Request Chain 452
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=6c08c9107bed88b791eade9c&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Request Chain 453
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1647594750954 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2119211828 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f67a371d-f285-4ca2-be6f-f2af79502cb4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Request Chain 454
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=znmAT1MDgfzc&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 455
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553%2526gdpr%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Request Chain 456
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=&gdpr_consent=
Request Chain 457
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YjRM-gAN66WnSAAy&gdpr=&gdpr_consent=
Request Chain 460
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Request Chain 461
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=f67a371d-f285-4ca2-be6f-f2af79502cb4&t=1650186750
Request Chain 462
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 463
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=emx&i=$UIDbrt57461647594750670190ab HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=6359460436251910749brt57461647594750670190ab
Request Chain 464
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YjRM-8Co8XgAAKuqQKkAAAAA
Request Chain 465
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=5sXF81LhMv9MWGJQujci&pi=gumgum&tc=1
Request Chain 466
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
Request Chain 467
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjRM-vslB2dqu-QqfshUQAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBctLpH6ScpLeSvtkdpucO0&google_cver=1
Request Chain 469
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&expiration=1650186750&gdpr=0&gdpr_consent=
Request Chain 470
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&expiration=1679130750
Request Chain 471
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_62344cff31ce1&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_62344cff31ce1
Request Chain 472
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 473
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6359460436251910749
Request Chain 504
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Request Chain 505
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
Request Chain 508
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 510
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0W7DGRS-P-64GH&sigv=1&esig=2~8144a222e1baac5dfed75856d7eff0cc6673d93c&gdpr=1&us_privacy=1---
Request Chain 511
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 512
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0W7DGRS-P-64GH&gdpr=1&us_privacy=1---
Request Chain 513
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OCWrorkGYl7Bdda46ymLbQ?csrc=&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3851859134504202246
Request Chain 514
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 515
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEAPdnAIGBJeFYsSus12_Om0&google_cver=1
Request Chain 517
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBhMWU2MGNiODEwZGFjYjk3OTBiNzVjYjk4MzUyMWVlZDc0OTgwNw&gdpr=1&us_privacy=1---
Request Chain 559
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex&bsw_user_id=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex&bsw_user_id=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&ssp=bouncex HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=7c645530-439f-430f-be08-f3bda86d545b
Request Chain 566
  • https://gcdn.2mdn.net/videoplayback/id/4d3c8b833d0d4e73/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130751/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/111502D0CA00FF50D27CD81022B4E8CEE1593E44.AD4D4C5B5B128A3196C8BBD091B0DA3399EEC32F/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-ab5l6nzd.c.2mdn.net/videoplayback/id/4d3c8b833d0d4e73/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130751/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1F319BF581EE5D2C959CC616C14CD896F6A9B973.8079E487EB76C2409EDF17C7F66A65544E021208/key/cms1/cms_redirect/yes/mh/AJ/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5l6nzd/ms/onc/mt/1647593599/mv/u/mvi/3/pl/48/file/file.mp4
Request Chain 585
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B93E2E12-AA9E-4220-8310-B08598FC53B9 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B93E2E12-AA9E-4220-8310-B08598FC53B9
Request Chain 586
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Request Chain 587
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Request Chain 588
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHbjAwN0VhSm9BQUF5YXAxcGlhUQ&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGn007EaJoAAAyap1piaQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8297679604156303488 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAGn007EaJoAAAyap1piaQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D8297679604156303488%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=8297679604156303488&bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGn007EaJoAAAyap1piaQ
Request Chain 589
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 590
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_174ff51fcf874097873f0
Request Chain 591
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IXpJUf0fTLpw23126tpzuWAJ-So
Request Chain 592
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B93E2E12-AA9E-4220-8310-B08598FC53B9
Request Chain 593
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8af7dc84-a69b-11ec-9692-13cc52d00862
Request Chain 594
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 595
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mXDI4agD1Nv8EU5&gdpr=0&gdpr_consent=
Request Chain 596
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=656893234070
Request Chain 597
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=5036F47B1E164C5B8C56BBC185A6E0FD HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=34B9E82E4748403EAA98BCED7FCDFCB4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=dda93a40-6aab-4712-aa91-e6ce437f8a4e
Request Chain 598
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&rndcb=2430034661 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=7c645530-439f-430f-be08-f3bda86d545b&google_hm=N2M2NDU1MzAtNDM5Zi00MzBmLWJlMDgtZjNiZGE4NmQ1NDVi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEApJARQHKVkopLUXnCYUbP8&google_cver=1&ssp=adconductor&bsw_param=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/7c645530-439f-430f-be08-f3bda86d545b?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Request Chain 599
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7008811521702904394&uid=Q7008811521702904394&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7008811521702904394
Request Chain 600
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uT4uEqqeQiCDELCFmPxTuQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 601
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6d8e1e2a-1a69-4430-992b-9c165d8cf96a
Request Chain 602
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 603
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjkzRTJFMTItQUE5RS00MjIwLTgzMTAtQjA4NTk4RkM1M0I5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 604
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMQyr0Y-b31ptkPzhP9QG9k&google_cver=1
Request Chain 605
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
Request Chain 606
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3142368608644553920&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 607
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f67a371d-f285-4ca2-be6f-f2af79502cb4
Request Chain 609
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HGhXs79E2uW0DAzKEG_j.jNrvfwbf.4-~A&gdpr=0&gdpr_consent=
Request Chain 610
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6359460436251910749&gdpr=0&gdpr_consent=
Request Chain 611
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b9369c0ef15121c&is_secure=true&networkId=17100&version=1&nuid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbf6_kKU1DQN4Z-QLAAAAAAA&expiration=1647681152&nuid=B93E2E12-AA9E-4220-8310-B08598FC53B9&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 612
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HfRKWB-lHwkG8k5eG6RUXR2iQVoG8RxdTvBa4IRM
Request Chain 613
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8a1de752-a69b-11ec-92c5-fb53764b0872&gdpr=0&gdpr_consent=
Request Chain 615
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&ssp=pubmatic&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c645530-439f-430f-be08-f3bda86d545b&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 616
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_ECEB475D_E7E4EC2A&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 617
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Request Chain 618
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6486416200911656969
Request Chain 637
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=COeI_s0CEJ2UotACGNDrzb8BIAEwAQ&v=APEucNWLOBRmHNwsDlfKCEU22Lp--jZ6hRqZQHgVtMyIqZdpb8vXoFdRjBLRnTNk1lBiJwYeWSPi-b-K478IRbaxef3j69UHuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBctLpH6ScpLeSvtkdpucO0&google_cver=1
Request Chain 692
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Request Chain 703
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Request Chain 705
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Request Chain 707
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Request Chain 708
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Request Chain 711
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&ssp_uuid=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&ssp_uuid=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=themediagrid&user_id=d536f042-19b6-42d9-88ca-c1eb8d591069
Request Chain 712
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA4YjY5ZjAwOC1hNjliLTExZWMtYWIxZi0wZWUwNTZjM2Y2YzE%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDgRKQ9LCDeLD4QTc3cSBuM&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDgRKQ9LCDeLD4QTc3cSBuM&google_cver=1&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
Request Chain 713
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=f67a371d-f285-4ca2-be6f-f2af79502cb4&_origin=1&gdpr=0&gdpr_consent=
Request Chain 714
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=0&gdpr=0&gdpr_consent=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
Request Chain 738
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&dongle=0cfd
Request Chain 739
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 740
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGre9SJraf9OqbnY6uZ3bzI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 741
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
Request Chain 742
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2230631680262455077259&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2230631680262455077259&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6c7f6702-b789-4025-bb66-fd8c70d7e428&_noobservation=1
Request Chain 743
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2230631680262455077259?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-FGTezjJE2oSoJs4l1zx1tdZiZWmcZR2HxKkhQCyU5Q--~A&dongle=0883
Request Chain 744
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2230631680262455077259&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=a1aab94b-3281-4bf3-a90c-f31056463a9c&expires=10&ssp=triplelift&bsw_param=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7c645530-439f-430f-be08-f3bda86d545b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 747
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NBBTSY27JJ4HK23YNN2UEXZNNRKEOQLX&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NBBTSY27JJ4HK23YNN2UEXZNNRKEOQLX HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=hC9c_JxukxkuB_-lTGAw
Request Chain 748
  • https://cm.g.doubleclick.net/pixel?google_nid=kargo_dbm&google_cm&google_sc&google_dbm&gdpr=0&gdpr_consent=&us_privacy=&krgids=45a9c399-4909-4873-b046-5ca04d031e31_4fb1b838-50eb-beb2-fc23-7e189ad55028 HTTP 302
  • https://crb.kargo.com/api/v1/dsync/DBM?exid=CAESEL7BR5gTWwb08wG3kpXorBU&gdpr=0&gdpr_consent=&krgids=45a9c399-4909-4873-b046-5ca04d031e31_4fb1b838-50eb-beb2-fc23-7e189ad55028&google_cver=1
Request Chain 749
  • https://cm.g.doubleclick.net/pixel?google_nid=kargo_dbm&google_hm=NGZiMWI4MzgtNTBlYi1iZWIyLWZjMjMtN2UxODlhZDU1MDI4&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://crb.kargo.com/api/v1/dv360_cb?gdpr=0&gdpr_consent=
Request Chain 750
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=3wvez9v&ttd_tpi=1&ttd_puid=b3b434c0-5c90-4952-ae6b-b5b803f2e585_4fb1b838-50eb-beb2-fc23-7e189ad55028 HTTP 302
  • https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=f67a371d-f285-4ca2-be6f-f2af79502cb4&cbid=b3b434c0-5c90-4952-ae6b-b5b803f2e585_4fb1b838-50eb-beb2-fc23-7e189ad55028
Request Chain 751
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&dongle=0cfd
Request Chain 752
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 753
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGre9SJraf9OqbnY6uZ3bzI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 754
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
Request Chain 755
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2230631680262455077259&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2230631680262455077259&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6c7f6702-b789-4025-bb66-fd8c70d7e428&_noobservation=1
Request Chain 756
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2230631680262455077259?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-FGTezjJE2oSoJs4l1zx1tdZiZWmcZR2HxKkhQCyU5Q--~A&dongle=0883
Request Chain 757
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2230631680262455077259&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=d536f042-19b6-42d9-88ca-c1eb8d591069 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7c645530-439f-430f-be08-f3bda86d545b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 760
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NBBTSY27JJ4HK23YNN2UEXZNNRKEOQLX&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NBBTSY27JJ4HK23YNN2UEXZNNRKEOQLX HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=hC9c_JxukxkuB_-lTGAw
Request Chain 762
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=168ce2c5-0f44-4819-9575-ddeff3b46cdb HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=168ce2c5-0f44-4819-9575-ddeff3b46cdb&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
Request Chain 763
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=6d8e1e2a-1a69-4430-992b-9c165d8cf96a HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEE7iQI6yTq8ZAbjKHEomQ88&google_cver=1
Request Chain 764
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6359460436251910749
Request Chain 766
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3142368608644553920&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 767
  • https://x.bidswitch.net/sync?ssp=kargo&redir_url=bada48c5-e4e6-42e9-aade-5845ab91df36_4fb1b838-50eb-beb2-fc23-7e189ad55028&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=kargo&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=kargo&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b
Request Chain 768
  • https://sync.mathtag.com/sync/img?mt_exid=65&redir=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2Fmediamath%2F4fb1b838-50eb-beb2-fc23-7e189ad55028%3Frid%3Dce9416bd-d24f-406b-b679-fa2255997ecc%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26exid%3D%5BMM_UUID%5D HTTP 302
  • https://crb.kargo.com/api/v1/sync/mediamath/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=ce9416bd-d24f-406b-b679-fa2255997ecc&gdpr=0&gdpr_consent=&us_privacy=&exid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 769
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FAppNexus%2F4fb1b838-50eb-beb2-fc23-7e189ad55028%3Frid%3D04078b8d-71c7-41cd-9ca6-cb3599e478e7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26exid%3D$UID HTTP 302
  • https://crb.kargo.com/api/v1/sync/AppNexus/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=04078b8d-71c7-41cd-9ca6-cb3599e478e7&gdpr=0&gdpr_consent=&us_privacy=&exid=6359460436251910749
Request Chain 771
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3142368608644553920&dongle=d407
Request Chain 774
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAGn007EaJoAAAyap1piaQ&dongle=bzwx
Request Chain 775
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=8a1de752-a69b-11ec-92c5-fb53764b0872&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 776
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&dongle=31ac
Request Chain 777
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YjRM-gAN66WnSAAy&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 778
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6359460436251910749&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 779
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-217a4951-fd1f-4cba-70db-7d76eada73b9$ip$96.9.249.42&dongle=4430
Request Chain 780
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=a41e6234-4cfd-4600-9afd-9c92d96c3201&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 781
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3142368608644553920&dongle=d407
Request Chain 784
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAGn007EaJoAAAyap1piaQ&dongle=bzwx
Request Chain 785
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=8a1de752-a69b-11ec-92c5-fb53764b0872&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 786
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&dongle=31ac
Request Chain 787
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YjRM-gAN66WnSAAy&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 788
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6359460436251910749&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 789
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-217a4951-fd1f-4cba-70db-7d76eada73b9$ip$96.9.249.42&dongle=4430
Request Chain 790
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=a41e6234-4cfd-4600-9afd-9c92d96c3201&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 791
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&_li_chk=true&previous_uuid=c9c1c6ca5b2645bfa8a6841077d29f19 HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&previous_uuid=fd41e44e80fb42be8689982c1653d0a3 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID} HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3142368608644553920 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F53233%2F0%2F84245bd977ad4256a96aaacc72582364%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&17d8e2b3-daa7-4519-b51f-4046449f3ff3 HTTP 302
  • https://i.liadm.com/s/e/53233/0/84245bd977ad4256a96aaacc72582364?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 793
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=5x7rcH6oy34gJlBStw6iCA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 794
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 795
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
Request Chain 796
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Request Chain 797
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&_li_chk=true&previous_uuid=0b734c2cb89f4a4bb43c0908b8051260 HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&previous_uuid=ba1e8c98b0954c7cab9af354fd6414a9 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID} HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3142368608644553920 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F53233%2F0%2F32954844b19c4a61bbb16784d620cace%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&17d8e2b3-daa7-4519-b51f-4046449f3ff3 HTTP 302
  • https://i.liadm.com/s/e/53233/0/32954844b19c4a61bbb16784d620cace?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 799
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=5x7rcH6oy34gJlBStw6iCA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 800
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 801
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
Request Chain 802
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Request Chain 805
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&_li_chk=true&previous_uuid=17d8e2b3daa74519b51f4046449f3ff3 HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&previous_uuid=287bdf35a74047878b36c51b7c3535a8 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID} HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3142368608644553920 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F53233%2F0%2Fd78ea171eb0f42038e2916f1af324498%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&17d8e2b3-daa7-4519-b51f-4046449f3ff3 HTTP 302
  • https://i.liadm.com/s/e/53233/0/d78ea171eb0f42038e2916f1af324498?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 807
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=5x7rcH6oy34gJlBStw6iCA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 808
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 809
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
Request Chain 810
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Request Chain 829
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753039.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 830
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1650186753%26external_user_id%3Df67a371d-f285-4ca2-be6f-f2af79502cb4 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
Request Chain 831
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753039.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Request Chain 832
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753039.3&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D45%2526external_user_id%253D%257BuserId%257D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553%26partner_url%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%2526bidder_id%253D45%2526external_user_id%253Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&partner_url=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Request Chain 833
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753039.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Request Chain 834
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1647594753039.6 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=2e16e1fe-8e01-4f13-83c0-b9fa680f36b5 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=2e16e1fe-8e01-4f13-83c0-b9fa680f36b5&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 837
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1650186753%26external_user_id%3Df67a371d-f285-4ca2-be6f-f2af79502cb4 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
Request Chain 838
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 839
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Request Chain 840
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.3&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D45%2526external_user_id%253D%257BuserId%257D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D HTTP 302
  • https://tags.bluekai.com/site/17724?id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%2526bidder_id%253D45%2526external_user_id%253Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Request Chain 841
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Request Chain 842
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1647594753065.6 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=04b2df43-63ea-49dd-90da-71467d806d9b HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=04b2df43-63ea-49dd-90da-71467d806d9b&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 844
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1650186753%26external_user_id%3Df67a371d-f285-4ca2-be6f-f2af79502cb4 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
Request Chain 845
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Request Chain 846
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.3&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D45%2526external_user_id%253D%257BuserId%257D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D HTTP 302
  • https://tags.bluekai.com/site/17724?id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%2526bidder_id%253D45%2526external_user_id%253Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Request Chain 847
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 848
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Request Chain 849
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1647594753065.6 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=3f21dccf-ac40-466c-a5de-d7b2d6275b57 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=3f21dccf-ac40-466c-a5de-d7b2d6275b57&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 850
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1650186753%26external_user_id%3Df67a371d-f285-4ca2-be6f-f2af79502cb4 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
Request Chain 851
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753067.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 852
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753067.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Request Chain 853
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753067.3&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D45%2526external_user_id%253D%257BuserId%257D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D HTTP 302
  • https://tags.bluekai.com/site/17724?id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%2526bidder_id%253D45%2526external_user_id%253Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3Db16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553 HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Request Chain 854
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753067.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Request Chain 855
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1647594753067.6 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 861
  • https://p.rfihub.com/cm?pub=35686&in=1&us_privacy=&lexicon_id=gg6e0eaa3fdc68a HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=93&xu=3589912411653720389&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=93&external_user_id=3589912411653720389&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 862
  • https://pixel.advertising.com/ups/58410/sync?gdpr=&gdpr_consent=&redir=true&us_privacy= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58410/sync?gdpr=&gdpr_consent=&redir=true&us_privacy=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=108&xu=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=108&external_user_id=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 863
  • https://rtb.mfadsrvr.com/sync?ssp=the33across&ssp_user_id=&_=1647594753068.3&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?&xi=112&xu=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=112&external_user_id=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 864
  • https://bh.contextweb.com/bh/rtset?pid=561516&ev=1&us_privacy=&rurl=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D5%26xu%3D%25%25VGUID%25%25 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=5&xu=QKodMwjjXFVx&ev=1&us_privacy=&pid=561516 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=5&external_user_id=QKodMwjjXFVx&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 865
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753068.5&ri=85&ru=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%2F33across%3Fus_privacy%3D HTTP 302
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy= HTTP 303
  • https://cms-xch.33across.com/match?bidder_id=85&external_user_id=AAGn007EaJoAAAyap1piaQ HTTP 301
  • https://cms-xch-chicago.33across.com/match?bidder_id=85&external_user_id=AAGn007EaJoAAAyap1piaQ
Request Chain 866
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&_rand=1647594753068.6 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&_rand=1647594753068.6&_expected_cookie=9f05f3184f4bef023f0673c69dddc0f5
Request Chain 867
  • https://map.go.affec.tv/map/3a/?pid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&ts=1647594753068.7 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62344d01da342e000130b18e%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 302
  • https://map.go.affec.tv/map/an/6359460436251910749?ch=62344d01da342e000130b18e&chc=tt&floc=&redirect_url=
Request Chain 868
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&random=1647594753068.8&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=af231e30-3711-4eea-abed-7905c7506b1d%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttd_puid=af231e30-3711-4eea-abed-7905c7506b1d%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3Dtapad HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=OuX9gXEj&partner_url=https://beacon.krxd.net/usermatch.gif?partner%3Dtapad%26partner_uid%3D$%7BTA_DEVICE_ID%7D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=tapad&partner_uid=af231e30-3711-4eea-abed-7905c7506b1d
Request Chain 869
  • https://dp1.33across.com/ps/?pid=669&uid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&random=1647594753068.9 HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=119024359231037&seg_code=33x&random=1647594753
Request Chain 881
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6359460436251910749
Request Chain 882
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3142368608644553920
Request Chain 883
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
Request Chain 884
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e468e9d9-3ce8-4049-a488-bad121e9075d
Request Chain 885
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=8af7dc84-a69b-11ec-9692-13cc52d00862
Request Chain 886
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fded1f0-ea7c-a79b-7689d01c
Request Chain 887
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=-mq_kvg76sPhbLuU_Dqhl_o8tJDhb-mXqW5DhYax
Request Chain 897
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6359460436251910749
Request Chain 899
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
Request Chain 900
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjRM-gAN66WnSAAy
Request Chain 901
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fded1f0-ea7c-a79b-7689d01c
Request Chain 902
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YjRM-vslB2dqu-QqfshUQAAA%26559?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YjRM-vslB2dqu-QqfshUQAAA%26559
Request Chain 903
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7008811521702904394P
Request Chain 904
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e22040751a4c367fd91b8&expiration=[EXPIRATION]
Request Chain 907
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
Request Chain 908
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjRM-gAN66WnSAAy
Request Chain 909
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=1bea018ae8ac1219&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGbrSlsxWJ0gMvTjCIAAAAAAA&expiration=1647681154&is_secure=true
Request Chain 910
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&expiration=1650186754
Request Chain 911
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7008811521702904394P
Request Chain 912
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b376d75e-e1a2-4ad3-ad30-8eb7bbf90472
Request Chain 913
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&expiration=1679130754
Request Chain 914
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
Request Chain 917
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGn007EaJoAAAyap1piaQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAGn007EaJoAAAyap1piaQ&pid=558502&do=add HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGn007EaJoAAAyap1piaQ
Request Chain 919
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B342_ECEB475D_E7E4EC2A
Request Chain 921
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=mXDI4agD1Nv8EU5
Request Chain 922
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6486416200911656969
Request Chain 923
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wkG9j8AQ6N7ZR7mJxBGjisIXto3ZROuKkUVyOzu_
Request Chain 924
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D7c645530-439f-430f-be08-f3bda86d545b%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=2e857ad4444f48ce945e6ca5f0e5d9c1&ssp=openx&bsw_param=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=
Request Chain 925
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=3589912411653720389
Request Chain 926
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=5036F47B1E164C5B8C56BBC185A6E0FD
Request Chain 936
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5036F47B1E164C5B8C56BBC185A6E0FD
Request Chain 937
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6486416200911656969&expiration=1648804354
Request Chain 938
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=mXDI4agD1Nv8EU5
Request Chain 939
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_174ff51fcf874097873f0
Request Chain 940
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
Request Chain 941
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=43725741-ff02-4e85-a98c-5a33d68f862f
Request Chain 942
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4fded1f0-ea7c-a79b-7689d01c
Request Chain 946
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=46a82cf1-7ba9-444a-9c9c-f678d4b3a0b5&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
Request Chain 947
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_87d0e3b1-52c2-4ffc-aa8b-a11e37fc35b5
Request Chain 949
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=5874dc9def68121b&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbrSlsxWJ0wMP92sHAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
Request Chain 950
  • https://px.owneriq.net/eox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
Request Chain 953
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=317310f1-4251-4bce-b109-a20296c9608e HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
Request Chain 954
  • https://sync.1rx.io/usersync/openx/ab7e712e-ac9b-403b-96bf-450dc2afd4ce HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Request Chain 957
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=46a82cf1-7ba9-444a-9c9c-f678d4b3a0b5&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
Request Chain 958
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_e70d3760-4b08-46f4-834f-65339a453d07
Request Chain 960
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=301996b79947121b&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbf6_kKU1JAM9XMDvAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
Request Chain 961
  • https://px.owneriq.net/eox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
Request Chain 964
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=317310f1-4251-4bce-b109-a20296c9608e HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
Request Chain 965
  • https://sync.1rx.io/usersync/openx/ab7e712e-ac9b-403b-96bf-450dc2afd4ce HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Request Chain 968
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=46a82cf1-7ba9-444a-9c9c-f678d4b3a0b5&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
Request Chain 969
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_ac30a96d-446b-4335-8d96-04fb42ed3a51
Request Chain 971
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=cb086d1bbae1219&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbrSlsxWJ1QM3UEelAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
Request Chain 972
  • https://px.owneriq.net/eox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
Request Chain 975
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=317310f1-4251-4bce-b109-a20296c9608e HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
Request Chain 976
  • https://sync.1rx.io/usersync/openx/ab7e712e-ac9b-403b-96bf-450dc2afd4ce HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Request Chain 984
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 1042
  • https://gcdn.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/14C5C8AA0DD531C9DFBAF8425D77D151F31B83D3.51977C2107DAA314C6A135CD067ED38C03E2D681/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/804E73E53FE7923F42AFB0A298F853957CC9EE03.6D0B509C9722261F36B8B782E2C9000E580ACF29/key/cms1/cms_redirect/yes/mh/bC/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznze/ms/onc/mt/1647593599/mv/u/mvi/4/pl/48/file/file.mp4
Request Chain 1049
  • https://gcdn.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1F80774F9B6196977FF9AA17D935D53F64737C63.4066C280FF77C7D800DB915B375125036AF3DF36/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1389B2C7C45FC8F7E6A5C646E8E37F756B9108FD.7D93FD05A1018FC8B53A945F5E0A0CAD7C009C77/key/cms1/cms_redirect/yes/mh/bC/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznze/ms/onc/mt/1647593599/mv/u/mvi/4/pl/48/file/file.mp4
Request Chain 1121
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Request Chain 1122
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
Request Chain 1123
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26v%3D1%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&v=1&taboola_hm=QKodMwjjXFVx&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
Request Chain 1126
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
Request Chain 1127
  • https://ups.analytics.yahoo.com/ups/58533/occ HTTP 302
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Request Chain 1128
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
Request Chain 1129
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 1130
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 1187
  • https://d.adroll.com/cm/index/ssp?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1188
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
Request Chain 1189
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&us_privacy=1--- HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Request Chain 1190
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=1---&gdpr=&gdpr_consent=&id=YjRM-vslB2dqu-QqfshUQAAA%26559 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e
Request Chain 1191
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
Request Chain 1192
  • https://x.bidswitch.net/sync?ssp=index&us_privacy=1--- HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=index&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=7c645530-439f-430f-be08-f3bda86d545b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dindex%26bsw_param%3D7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Daf231e30-3711-4eea-abed-7905c7506b1d%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dindex%2526bsw_param%253D7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6359460436251910749&pt=af231e30-3711-4eea-abed-7905c7506b1d%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dindex%26bsw_param%3D7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=index&bsw_param=7c645530-439f-430f-be08-f3bda86d545b HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7c645530-439f-430f-be08-f3bda86d545b
Request Chain 1193
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YjRM-vslB2dqu-QqfshUQAAA&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
Request Chain 1221
  • https://ups.analytics.yahoo.com/ups/58533/occ HTTP 302
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Request Chain 1222
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=JgxFH3Odks2T&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
Request Chain 1223
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D HTTP 307
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
Request Chain 1224
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
Request Chain 1338
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 1393
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bf3d6116-2f12-4b2f-8206-ce18651488a2
Request Chain 1394
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 1395
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=3jBWw7zJB5i_wU4YBk00Yg
Request Chain 1398
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 1399
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
Request Chain 1400
  • https://pixel.onaudience.com/?partner=214&mapped=B93E2E12-AA9E-4220-8310-B08598FC53B9 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=547a1af06dbd9e5430744b2dd9d67bf&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=0693932948cf7b81
Request Chain 1401
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B93E2E12-AA9E-4220-8310-B08598FC53B9&addseg=10,33,39
Request Chain 1402
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 1404
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A26BEA5356
Request Chain 1405
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6359460436251910749
Request Chain 1406
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3f861fab-f2d3-4100-877a-4a1c9369b063&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1407
  • https://pixel.onaudience.com/?partner=214&mapped=B93E2E12-AA9E-4220-8310-B08598FC53B9 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=547a1af06dbd9e5430744b2dd9d67bf&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=f67a371d-f285-4ca2-be6f-f2af79502cb4&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=c712a4ea334221fd
Request Chain 1408
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B93E2E12-AA9E-4220-8310-B08598FC53B9&addseg=10,33,39
Request Chain 1409
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 1411
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=19802351-4727-440e-b362-a84f0b4b3d64
Request Chain 1412
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 1413
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WHuJLfrXCI2cs11LBk00Yg
Request Chain 1414
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A26BEA534F
Request Chain 1416
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6359460436251910749
Request Chain 1418
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 1419
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:75ead994-85d8-4376-989b-62e1eed3da48&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1420
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
Request Chain 1421
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:B93E2E12-AA9E-4220-8310-B08598FC53B9 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=8e30b060-a69b-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:B93E2E12-AA9E-4220-8310-B08598FC53B9
Request Chain 1786
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 1811
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 1839
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 1864
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 1902
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 1929
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 1957
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 1988
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 2020
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 2046
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 2075
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 2104
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D HTTP 307
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
Request Chain 2105
  • https://ups.analytics.yahoo.com/ups/58533/occ HTTP 302
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Request Chain 2106
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID HTTP 302
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
Request Chain 2107
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
Request Chain 2108
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=5ft7yHrTcDZd&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
Request Chain 2109
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
Request Chain 2110
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID HTTP 302
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
Request Chain 2111
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D HTTP 307
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
Request Chain 2125
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=2a5d5a46-1366-4916-9114-7cf922fb3049
Request Chain 2126
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257 HTTP 302
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Request Chain 2127
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Request Chain 2129
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0 HTTP 302
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&prevuid=03030002_62344cff31ce1&knw=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Request Chain 2130
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=Th4TLbdfM?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=Th4TLbdfM&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=Th4TLbdfM&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Request Chain 2131
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=41183b05-50a9-4e6a-84f2-393f56d29b15
Request Chain 2132
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257 HTTP 302
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Request Chain 2133
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Request Chain 2135
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0 HTTP 302
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&prevuid=03030002_62344cff31ce1&knw=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Request Chain 2136
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=0h4TLbKfp?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=0h4TLbKfp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=0h4TLbKfp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Request Chain 2137
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=b99b78be-f581-4bf0-85f8-62fcd6d96aaa
Request Chain 2139
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Request Chain 2141
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0 HTTP 302
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&prevuid=03030002_62344cff31ce1&knw=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Request Chain 2142
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=jhfHLsKfp?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jhfHLsKfp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jhfHLsKfp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Request Chain 2152
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=4ae1855b-a97c-488a-8d28-7322e27bbe48
Request Chain 2153
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257 HTTP 302
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Request Chain 2154
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Request Chain 2156
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0 HTTP 302
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&prevuid=03030002_62344cff31ce1&knw=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Request Chain 2157
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=jOfTLbK4p?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jOfTLbK4p&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jOfTLbK4p&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Request Chain 2158
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=e14a08d2-53d0-4c69-bed6-7fa374bc359e
Request Chain 2159
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257 HTTP 302
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Request Chain 2160
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Request Chain 2162
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0 HTTP 302
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&prevuid=03030002_62344cff31ce1&knw=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Request Chain 2163
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=jh4HRsd4p?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jh4HRsd4p&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jh4HRsd4p&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Request Chain 2164
  • https://us-u.openx.net/w/1.0/cm?id=2b29b5e1-7836-48c4-a896-43668f76f459&r=https://dpm.demdex.net/ibs:dpid=302767&dpuuid={OPENX_ID} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
Request Chain 2165
  • https://us-u.openx.net/w/1.0/cm?id=16b43347-54eb-4af6-9a28-e449f503d935&r=https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi= HTTP 302
  • https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
Request Chain 2166
  • https://j.mrpdata.net/c.gif?ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID HTTP 302
  • https://j.mrpdata.net/c.gif?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID HTTP 301
  • https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
Request Chain 2167
  • https://match.deepintent.com/usersync/108/ HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_174ff51fcf874097873f0
Request Chain 2168
  • https://sync.extend.tv/r.gif?exchange=openx&id= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=9b5c8a03-f1a5-424b-ac4a-8e00f240cd39
Request Chain 2169
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
Request Chain 2173
  • https://us-u.openx.net/w/1.0/cm?id=2b29b5e1-7836-48c4-a896-43668f76f459&r=https://dpm.demdex.net/ibs:dpid=302767&dpuuid={OPENX_ID} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
Request Chain 2174
  • https://us-u.openx.net/w/1.0/cm?id=16b43347-54eb-4af6-9a28-e449f503d935&r=https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi= HTTP 302
  • https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
Request Chain 2175
  • https://j.mrpdata.net/c.gif?ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID HTTP 302
  • https://j.mrpdata.net/c.gif?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID HTTP 301
  • https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
Request Chain 2176
  • https://match.deepintent.com/usersync/108/ HTTP 303
  • https://match.sharethrough.com/sync/v1?source_id=AVk8fCqVz5T6ZMTv987HfHLL&source_user_id=di_174ff51fcf874097873f0
Request Chain 2177
  • https://sync.extend.tv/r.gif?exchange=openx&id= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=a03f7c10-0fd5-4b5a-ab4c-227b214b18cc
Request Chain 2178
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
Request Chain 2183
  • https://us-u.openx.net/w/1.0/cm?id=2b29b5e1-7836-48c4-a896-43668f76f459&r=https://dpm.demdex.net/ibs:dpid=302767&dpuuid={OPENX_ID} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
Request Chain 2184
  • https://us-u.openx.net/w/1.0/cm?id=16b43347-54eb-4af6-9a28-e449f503d935&r=https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi= HTTP 302
  • https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
Request Chain 2185
  • https://j.mrpdata.net/c.gif?ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID HTTP 302
  • https://j.mrpdata.net/c.gif?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID HTTP 301
  • https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
Request Chain 2186
  • https://match.deepintent.com/usersync/108/ HTTP 303
  • https://id.rlcdn.com/467756.gif HTTP 307
  • https://match.deepintent.com/usersync/112/store?id=Xc1364jPJ3JftJJ4h_a13mcsPDh7NQiqA4uI8yVkxGNcRBFyw
Request Chain 2187
  • https://sync.extend.tv/r.gif?exchange=openx&id= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=fc66658f-a4ca-4247-ba4a-df423b39f982
Request Chain 2188
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
Request Chain 2189
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&ssp=between&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7c645530-439f-430f-be08-f3bda86d545b
Request Chain 2192
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=6c08c9107bed88b791eade9c
Request Chain 2195
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid] HTTP 302
  • https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
Request Chain 2196
  • https://bh.contextweb.com/bh/rtset?pid=562539&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D545637763%26val%3D%%VGUID%% HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=545637763&val=L7vYUGFfiEMQ&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
Request Chain 2197
  • https://dm-us.hybrid.ai/match?id=184&gdpr=0&burl=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D544034803%26val%3D${VID} HTTP 302
  • https://u.openx.net/w/1.0/sd?id=544034803&val=c0ae426b489297186644
Request Chain 2200
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid] HTTP 302
  • https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
Request Chain 2201
  • https://bh.contextweb.com/bh/rtset?pid=562539&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D545637763%26val%3D%%VGUID%% HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=545637763&val=0b9r5uPyhAf7&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
Request Chain 2202
  • https://dm-us.hybrid.ai/match?id=184&gdpr=0&burl=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D544034803%26val%3D${VID} HTTP 302
  • https://u.openx.net/w/1.0/sd?id=544034803&val=6ab1b5ef30496335114e
Request Chain 2205
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid] HTTP 302
  • https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
Request Chain 2206
  • https://bh.contextweb.com/bh/rtset?pid=562539&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D545637763%26val%3D%%VGUID%% HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=545637763&val=0b9r5uPyhAf7&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
Request Chain 2207
  • https://dm-us.hybrid.ai/match?id=184&gdpr=0&burl=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D544034803%26val%3D${VID} HTTP 302
  • https://u.openx.net/w/1.0/sd?id=544034803&val=9ddb4a18436a2667174f
Request Chain 2245
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
Request Chain 2246
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID HTTP 302
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
Request Chain 2277
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=RBL1QHx6UjNGbjFuaUtZeEwySHdkeDhaTExXMHgzdkNyTU9VVEFqTGJKTmdHRm5rNFRzUG1KbmdtbGZMem9ielZZd2h0eFJaVUJ6RkVJNkVzVHFNZG1HV3BKLzJBcUtXTVJ2MGVJaUErdVJxdWdJS2ppeGV1UGtMK2JhTGQ0RllxVjJzZk5CSlUyd3ljdmNkZFRpZ1p4SHhpa2pBdGQxcE9FUUR4cnJySjRvOVhTVGNmNTdVN3Jua1piQ1lSczJrcmcyb29lYnpteDBtME83WmVNZlpPUTFsRkVpWWx5VWxtaTdjTWdlQ091SlZBRjFLUE9UNW50Q2Eva211SUhPOEo4SUg4MnJyenZTUnlvVFhTMG8ybjRyZ0ttSTlxcnpsTERBMWkxMm82djUwZWlSMD18&cppv=2
Request Chain 2280
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=X64tgXxzdy9hYmZ2TFdJOXVJeDdCajZzNmNCeFp2VDM4UHlrdTJwR0lWVmdWT2h1MHAzeER6Z1luMTBBd0IvU0Z5T2cvYVpGVVowV3E1MCtTdHZycUhMOHUrVWYxQ0FSR0RhVGNjVkpwam1tcW44OWF1SVRhTE9SOUdLYTNTTXhCUlhTaXhUM0diN0U1MmhXZkpWbWNuK1ozdmtwRWFiZXFZdGZUNlVEN1lnY2o3dXZsVXoydHQvUi91QWI0ME4yVkVPSWFpOWVPcU1jV0d1R2JpQlBlc2VPNmVXOVExN295ZUpGdmpiUGJHTmpmcXNRTFBzb00vU0ZsdUQ3aVZLcnRLY3l2cG9mYW5vOGdKbFdLeDhmaThWdG0xWG51d0tBVUk1djlxWE9YZSszcGxTTT18&cppv=2
Request Chain 2282
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=zgWUgXxIUkd2TFU2ZmlaakFKTURZbWVzaUtOSGUxWTVMUVc3a3M4VUh2aEkzRUF2K1RNRHJacllzQ3hsY1dKeTFhSFgvVlpLUUpTMHVWYW5tdERYOWRNcW9XTFlKVHFEZkV5bE1qNTFrS0hVRW8wZ0xuNGNtNEJ5aWx4TitmUmpaNFNSc1FVK2NCM3VyVmd6MVZ0VW9iZHNwNXFoZmc1eDd4SDFNbE1LdFJnRFlqNmxuNzZ3bG90bGx2SStWR0FHaWdST1ltYUxVcUtYQmN3TXhOUHdPZ3FwMHREZGt6R2RCNllKSUczWHFSTXcxWW1sVzBaZVZsS093eUF4MVR5WFJtTkVSakRWQ2FwajVtcFpVZG1jNUhhV2Q1cTY4Zm5rS0dMaTBpK3c5Mzd6VmYwdz18&cppv=2
Request Chain 2285
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=0lXfrXw1UHBBK09oQSswL0VIZHRjekZMWmM1cHpvUDhERS9XY09tTDhkQmNoZjFFb3RrdnBjbHZtNXNtQVpXUVBLeURKS21rYTJYS0pValJmdzE3bkFIK2F5U01KbGFYOEl3MStFanBnMWt6MHBTa0ZsZVdEeW5CL1hsRVB0c0svZ0hwVG9ZdXNkWW1zYy95cTJDRHRleGwzOWdvNjllY28vNGUyeVhSZU5FdnBNZjByMTlTRkN0S1NPeFpqSWhIdThFSk16YzcyeDRrVFE1ZlhzTU93RFB4aVAwMnJtRVgvY1I5V2d2RTY4b1hDRzNmYTR5WDhwM0Z0cDNZUUk0eUs4dWdCRlBYZGJURzFCMnFYVktEUFRCQ3VOWVBzc0I5SlpoeHJsNWQ0Rk54d2oxRT18&cppv=2
Request Chain 2287
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=xybQpXx6c3NrcnVIczlzR1FOUnpURVdGNy84MlZUaXg4K1VpaTFCbzFmbWlYdVA0Z09LbEFhd2lrSEI1dzMwdE5ROWlFM0l4SVJQNG9HSTd6SWIrMUI4eTB5V3NIeTJ6TFRSNDdHMm1mZ29Ub1VIS0tqZU1YcWZhbFY0dkluTHFKMHBhSXczVjIrNHZaZlJSM0hkOHpHS05hcktVbmRXV09DbWJDQjNWRXIxcnJ4VUR4RXo0TzRtWUNtWmNteDVwZGlVWFg3cHNFK0tGem9IVU9zNWQ0SHlzT29Gb0FaTHcwaUR2djVuWk9aR2VGU2NBdVFtYjZaTG0ybzJrbXErMG1QY0czVHpmeUFCTi81TzI2aktEV0tscks5aklISlBhVWlPeTFOOVBxSG1zZDBXUT18&cppv=2
Request Chain 2294
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IhfZvXwzN1lzNUoyY0ZLZ284Z0JjZ0s1VitERE5SS1hHTlh5NVBpVS9QdC8rN3Z2SzRXcCtzTFpZS0JNRlBVbE5sTTRFUEhaZDFaTHJxd3drQlpDQ1lGRUh3WGNxM0tVV3M2VXRJUzFtRk9MaC9KcWgrSkhLQTdVZTYxanNiM2tjMk1CWDdRMU93RmtmY0VUd1FTSmFxdEZWcVBBOWk1WC9QcVRoWHk4aDJsV04xTlJEbXNyd2g4VGdhVGdITW93bk5INHhRWFNpa21sQVJobUFXbGJxSUp2RHJSTTM5bG5uZGg0N0NEZDYzZ2NSY2luZjE5WUYwTGFkREVKbFFHeE9PVEtqRDM3SGtWQkl1d0JVK0YyQzZZTGNaeHE0UmxidU5TSXRzSUhRTjZSTHlUZz18&cppv=2
Request Chain 2300
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=2SIekHxYdzRkN3VoRlZMbExOWXdGeGJRQUhhdVRrbkx2c1pVRFhsdDZRVEthZW5obGlNUzJzV2h0SkVZUzlnRytKSDBvK2JHTzhQRWpsTUdoV1ZCWExZNEtrUzVoNEE4NmV2dUdqSFJWTmNOV1o1TVo0MnhCcFMrY0pqczBFMml4cTVYUmhtT0xqMXljY2VYclM0S2JUeUlPaDBXa084bXhFeUlFbUIvM0dKMXNVWWJNRnQ4UzMrb2dJVjhlNEszclB6cWxacmk0VGR6YUQ4UDM2b21WRmp6QjFZdzc1bFpIL09ueXZJM09EQmZUNUVWZHN5Y3dBa1lRSmhTQUl0MnZGL3hCQTUzemxFeDMwVUZUbmQ1cS9vL3dyNGw5OXJHYnVhekJCbnhVYjByMmtsbz18&cppv=2
Request Chain 2302
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=PoCnv3x4eW81SzVjK29mUFNBL2VGYkttMGpUR29kTzhWU1V6L3lNZXZJMkN6WW42K0Jqa2pNZXByZFgwdkdhY0tXeWY0clFKWUQyYTZRWmdXWHBoTDUwVldNUTk1anByeXVxbkVsQmVkRktlTEpLOW9NOU9nTkxKWCttWVUrZ1JmZEpxWjhMSUZyYmFaVVZOMmMzeUdHRVgzNHFBMUlaVTBNM0xWTVpGYUsyM3hocTBRRGh5K0RUajlZTHNud1lZRUxodVZPN2t0Z3I5azBtU0N6cC9QL3pDVWNkRWNCdEhqTnkzaU13NE4xei9FdUdKOWtRNHJDMTdRMTFuSVZhOWdFNVF2Q3FOM0xtbFNXcW54M0hoODUwZVczQm11cUxNRjlUT0RpdGNMQXd1TzFvST18&cppv=2
Request Chain 2303
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=LlGgznwwa1BFME9vYnQ5bzJMN2ZaQ25mNUV4aWpQVHVXUDU5NkdQZnd3ZHJzTU9INjQ5RmVuT2I5U2trckJOTzZseU5GWElhQmNqOXZMSDFxMitvS1JoUFJCdjBPU09Qai9nZHMySThzQ1VxWmtkN3VwMUtNZlhWMnQ5L0dUam52cE5FVEdtcjVDaCs3d25BcmJOQkJJOU5LQnNuQU5jMnBJdlN0anJrTE5XSVdMaFZvcUVRdEVFOUhJRFRwYlNnaUN5enk1SVkvUEJhQWlNN2VLWkhhV0ZMNVpXMHdvdm9YK3BjcW9xUWNEYVhQcDNvNHFVYUVBSW50WFc2UWVKeEhYeDJLd3doeWhNT25wVjNsdlBLRzJ1Z3BUT2xHRE5qVlJOUTVtRFhkTURLb2ZROD18&cppv=2
Request Chain 2304
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=irMVgHxLRFlaYTY1YmM2Y0lxemROKzdTTFRTWFZUOVZ6K2dBQTU4d0pua1p6S2hHZDQxcURHZXN1SVR6ZmlaWWxzcktUc0MxRTgyd3REMGlyaU5kQXQrOGROZzZ4NW0yWUtqeGE5YnVOaFNOTjBxajdYdElBK0JuVnovV2hhNk52eEtVU2pDaDdKVnlEa1F4V3VDbnVKM3BvV0JpYS9DeFhXRkVnR0dtakdGNS94VDJiQm1YcklMcWw4MmRjUHR5UXJSSmxxbzFlVkZDbjArVWsyUkdkblQ1K0Z1Z24rV3Z0RW9rREsydnBLNWZpbmlKSHI2ZytyUDlCbVFSNTNIMHA4MW1zUWwxaWZCcHlmaGYxcCtkSFl1cFZMaHlEK3RZK0hqRVFXVzhKOEJYU1JJdz18&cppv=2
Request Chain 2305
  • https://gcdn.2mdn.net/videoplayback/id/63205c2f135b6136/itag/692/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772635488/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/86AA46E9FB9795DF2535757D56FF0F6C0282040C.4D6952CDA376D066A50946F75956551F76B408D6/key/ck2/file/file.mp4?cpn=q4HADjZjMFTiE2bG HTTP 302
  • https://r5---sn-ab5l6nzr.c.2mdn.net/videoplayback/id/63205c2f135b6136/itag/692/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772635488/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DB68AB133C10299F4DF5A41027D2FE8E8EC831E.2378537B9EE617A1DC1DDBE168F666F43E88FFC7/key/cms1/cms_redirect/yes/mh/Bw/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5l6nzr/ms/onc/mt/1647593599/mv/u/mvi/5/pl/48?cpn=q4HADjZjMFTiE2bG&file=file.mp4
Request Chain 2308
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=sSTv1HxpaExkVVFqakE0UG0zclpRSWVibkJJaC80R0d6UWRMQ1hJS0dzZDJEdDArc0gxSTNQU0Y3d0hFRmZUUVZubk1Ec0lxZVUzbERBd2t2d2xIWkE3c3YxQkszeDgrTWxjNVV2bFBDMnUzR0ZEaWhja2J2RlVsOGZjVWNrVmtpMXR5N3ZHZitxemZ2RnhXN1lQWmJ5QnB5ZmxGaU02ZjBWUWRBQ1RENkFKZWZlYjJNYU5MQXhLUUd1Y00wcEh6QUk4WUdnWWdtVEJwdnA5L1FVSHZYSXc1OXk0ckM1M2paUjVlUSsxSjhpZkp0YXcyQ3MwZXpjaHg0aVVpczAvM0pZWVpkZUpnMU53dFk4REZlbERBUUNPYzYxWXRJc3JqYWh6bEFtaktmbzhjTzU3bz18&cppv=2
Request Chain 2310
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=XmaZUHxVN2hTVFdrZUt0dm9PTkFFbFNQYUdvZG45bUJYTnN4V1lxQTRlY0Nkbms4dFVxbFhTUUdjMCtNa3gwRjg5RlN6WUptczV1cHR5QWp5YVY3dVVxdkVsV0NpNVNFMnZTTngyb2NDTEZ5azBpRnZWQmY2SlRPNEFLOU0xUTdqSi9zczdZd0JDZnoyZmtlVTdQL3RqckpSZFBSclR5UHVjN0FKOW10eXErVW1EdEtaZXpkM3VjZ3hueG04bUpxWURSMVRIU21FT2FnVk9zSkdVK0U5enVDbnhybFZmRjZUeFUreXVZeGRsbzhVblkyZFhER1JNVXphQk5pVlczL1VDNjVYRFRSWWJMbC9qd3JhMnNWK3ZVODYyRndRekJKZVJFTmdNMTVoYmR5STc5az18&cppv=2
Request Chain 2311
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=6e9rNXx2NzQxYTgxZ3RJSUI1S0szVkdiSm9CWkQ5TEkxNWE4Y3VibEEzU01UdkdNRGNGaW9aU0dDc3NJdkNydTJTcXRiSS9IRmttL0ZQdkVSOThYY016am1aM1JBSUdKa3Z2ZHlHQnFMaExwWklTKzNrZndFYjkxVFM0RC8zSlhSOWQwVDdSb3l6VnpWV0xlVlNhSUsyUktPd3ZUVE9tb0hOanZJTDhQNkVtNXd4NHRzSHAwM1V1V3dDSTZZdUJ1SmdvcmpNeHJ0MldFdFFOeXdLUm1PYVpmYStIdk44bzIrWEdISzVRcmpVZjM3SUVwQ0tZQWw2elI3TlFIVk5mZElKTzVIYjl3R21uSnVPTjRlT2lpNnpQVm9FR3RzNDJURG1vRmxyeUMyTEMxb0ZXcz18&cppv=2
Request Chain 2313
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=zxNCwnxCd3gyL0lwaTdqSmpEOEcvVVBtaWtycmhtUXRlZHJRWEs2dmpDMkFTcVZWaTFDeXF2ZDRnNDQ4L1VQdDFyeDVhNFFxRlNkaEJYRHdXbm1zcVluemVjKzcvRGRCWUN3NHlBZGJma3F1OVM1K3REb1JUWitvYWdwQjV4V253NlpsWHQ1Yk1TVmx1UWFFa282Q3dBZFdXcm5ieFNuclJCU0QyRzVIS3o3anJFT1BIVm5lVWY2QkRnY3VXTVRJaVBLL3IxNlpjMFI0U21ETlZsaDJEODhxZEpXZXJBZUFmZmVtSVhWNkUwVDBrMCtTNVJaenZzc1V2QXZBN2pjNU1aQllyNzM3cjN0LzhJbkdTaTRyQUpmdnlDb2tNVlhBeTMrREtFTGJBcnhGZFB2ND18&cppv=2
Request Chain 2314
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=EEjgT0BKQ1BlCTXgpCLK72AJ-So
Request Chain 2316
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1---&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD22CDHFRV6STYOVVXQ23VIJPS23CUI5AXOJTVONPXA4TJOZQWG6J5GEWS2LI&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD22CDHFRV6STYOVVXQ23VIJPS23CUI5AXOJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=hC9c_JxukxkuB_-lTGAw&us_privacy=1---
Request Chain 2318
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
Request Chain 2319
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&gdpr_consent=&us_privacy=1---&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
Request Chain 2320
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
Request Chain 2321
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YjRM-vslB2dqu-QqfshUQAAA&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
Request Chain 2346
  • https://ums.acuityplatform.com/tum?umid=8&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=656893234070
Request Chain 2349
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YjRM-vslB2dqu-QqfshUQAAA&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
Request Chain 2352
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&gdpr_consent=&us_privacy=1---&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
Request Chain 2353
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
Request Chain 2381
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=468fad316f7e1219&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAGbrSlsxWKNwMuV7Q6AAAAAAA&expiration=1647681164&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 2382
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 2383
  • https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=7666&xuid=116e1e10-1710-499f-9bea-964d3a3bff34&dongle=8f7
Request Chain 2384
  • https://bttrack.com/pixel/cookiesync?source=3a66d299-1ebd-4293-884e-8e6f36dc1a6a&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3898&xuid=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb&dongle=ac37
Request Chain 2385
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=6g-gXehe9QzxCaRb7F--WOpZq1_xCvZYuQs345UY
Request Chain 2386
  • https://sportradarserving.com/sync?ssp=triplelift HTTP 302
  • https://sportradarserving.com/ul_cb/sync?ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7963&xuid=2ecac175-e4bb-473b-839d-2f57283fa661&dongle=3oy7
Request Chain 2387
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=mXDI4agD1Nv8EU5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 2390
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=2230631680262455077259 HTTP 302
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2230631680262455077259
Request Chain 2400
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7c645530-439f-430f-be08-f3bda86d545b&ssp=between&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10616532434342100225&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dbetween%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=af231e30-3711-4eea-abed-7905c7506b1d&ssp=between&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214200604094006073608&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10616532434342100225&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Request Chain 2426
  • https://rtd-tm.everesttech.net/upi/?sid=QYNMgZCWoe2wivPIO6T0&cs=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWpSTS1nQU42NlduU0FBeQ
Request Chain 2428
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_cm&google_sc&google_hm=WWpSTS1nQU42NlduU0FBeQ%3D%3D HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_gid=CAESEARTuODML6v7n-vF_pp0HeM&google_cver=1
Request Chain 2432
  • https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC618PFFTSZTCZWNT9NXT8H7&userid=YjRM-gAN66WnSAAy HTTP 302
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=945&ta_format=gif&ta_partner_did=E9FE735D19F4126ECDC057FCB7E06400
Request Chain 2446
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1026&partner_device_id=YjRM-gAN66WnSAAy HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=af231e30-3711-4eea-abed-7905c7506b1d&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Daf231e30-3711-4eea-abed-7905c7506b1d%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73036983126550283923672921214654110234&pt=af231e30-3711-4eea-abed-7905c7506b1d%2C
Request Chain 2447
  • https://thrtle.com/insync?vxii_pid=10064&vxii_pdid=YjRM-gAN66WnSAAy HTTP 302
  • https://thrtle.com/insync?vxii_pdid=YjRM-gAN66WnSAAy&vxii_pid=12&vxii_pid1=10064&vxii_rcid=a2603cc0-0c99-45d7-a530-cf71307404e8
Request Chain 2451
  • https://ps.eyeota.net/match?uid=YjRM-gAN66WnSAAy&bid=0rijhbu&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match/bounce/?uid=YjRM-gAN66WnSAAy&bid=0rijhbu&gdpr=0&gdpr_consent=
Request Chain 2452
  • https://navdmp.com/req?prtid=17&tubid=YjRM-gAN66WnSAAy HTTP 301
  • https://cdn.navdmp.com/req?prtid=17&tubid=YjRM-gAN66WnSAAy
Request Chain 2453
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=db7e229ad35eb3dc2e863163a34c1f&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&23409=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&45=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e5b13_7076365628441686317 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=f67a371d-f285-4ca2-be6f-f2af79502cb4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZGI3ZTIyOWFkMzVlYjNkYzJlODYzMTYzYTM0YzFm&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEANgPZu7QG2V4JR0h1wFW9o&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAGn007EaJoAAAyap1piaQ&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/db7e229ad35eb3dc2e863163a34c1f?gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-X4NHBfVE2oOc0Qs48lc8tR_vBZcSMk19478JQJzP~A HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=mXDI4agD1Nv8EU5 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=8af7dc84-a69b-11ec-9692-13cc52d00862 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6359460436251910749 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=9645647&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=8a1de752-a69b-11ec-92c5-fb53764b0872 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Request Chain 2454
  • https://idsync.rlcdn.com/367138.gif?partner_uid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent= HTTP 307
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 2459
  • https://uipglob.semasio.net/tubemogul/1/info?sType=sync&sExtCookieId=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=&sInitiator=external HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg1MjQ0NjQvdC8w/url/https%3A%2F%2Fuipus.semasio.net%2Fturn%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%24%21%7BTURN_UUID%7D%26sInitiator%3Dinternal HTTP 302
  • https://uipus.semasio.net/turn/1/info?sType=sync&sExtCookieId=3142368608644553920&sInitiator=internal HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&gdpr=false&sInitiator=internal HTTP 302
  • https://uipglob.semasio.net/oath/1/info?sType=sync&_sdv&sExtCookieId=y-ydooa01E2oOCHUjyQg9kd75H2nkz_f3QVRQ-~A&sInitiator=internal&gdpr=false
Request Chain 2464
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=3129&id=YjRM-gAN66WnSAAy HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3129&id=YjRM-gAN66WnSAAy&s_h=1
Request Chain 2465
  • https://pixel.advertising.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=1&gdpr=0&gdpr_consent=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
Request Chain 2466
  • https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=-1389049342319734444;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs HTTP 302
  • https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
Request Chain 2468
  • https://global.ib-ibi.com/image.sbmx?go=252280&pid=368&xid=YjRM-gAN66WnSAAy HTTP 302
  • https://ib.mookie1.com/image.sbmx?go=252280&pid=368&xid=YjRM-gAN66WnSAAy HTTP 302
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=YjRM-gAN66WnSAAy&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D HTTP 302
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=73036983126550283923672921214654110234 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=73036983126550283923672921214654110234
Request Chain 2471
  • https://aa.agkn.com/adscores/g.pixel?sid=9212124818&tm=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent= HTTP 302
  • https://d.agkn.com/pixel/2611/?puid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Request Chain 2478
  • https://tubemogul-sync.dotomi.com/match/pixel/current?networkId=87033&version=1&nuid=YjRM-gAN66WnSAAy HTTP 302
  • https://tubemogul-sync.dotomi.com/match/pixel/current?DotomiTest=6cfcab8dca6121a&is_secure=true&networkId=87033&version=1&nuid=YjRM-gAN66WnSAAy
Request Chain 2519
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiNmtGRBlIFl4XSlAY* HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiNmtGRBlIFl4XSlAaiARCTGdZ-ppsR7KbpACWQyCQ3 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABiNmtGRBqIBEJMZ1n6mmxHspukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiNmtGRBqIBEJMZ1n6mmxHspukAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9319d67e-a69b-11ec-a6e9-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9319d67e-a69b-11ec-a6e9-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=ivgw%2FixEoHRGm7CNnxTugQ& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=ivgw/ixEoHRGm7CNnxTugQ&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=ivgw/ixEoHRGm7CNnxTugQ&extra2=aidata&google_gid=CAESEGDsdP8l4KBl7R6KYWo5m48&google_cver=1
Request Chain 2535
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pnblkx3tf HTTP 302
  • https://mae7skvygojjeyrujuhq-pnblkx-aa4ddf5f7-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 2536
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pnblkx3tf HTTP 302
  • https://eybp7saaaiaqijqacqnqaeyaabrditin-pnblkx-889d4ed95-clienttons-s.akamaihd.net/eum/results.txt
Request Chain 2553
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.31%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7906240616 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2069.31/b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?zcc=0&sspret=1&rndcb=7906240616 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005 HTTP 302
  • https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Request Chain 2554
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fappnexus-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Request Chain 2556
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsonobirtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUID%5D HTTP 302
  • https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Request Chain 2557
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.31%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7929700500 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2069.31/b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?zcc=0&sspret=1&rndcb=7929700500 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005 HTTP 302
  • https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Request Chain 2558
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fappnexus-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Request Chain 2577
  • https://rtd-tm.everesttech.net/upi/?sid=QYNMgZCWoe2wivPIO6T0&cs=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YjRM-gAN66WnSAAy&expires=90
Request Chain 2580
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAPdnAIGBJeFYsSus12_Om0&google_cver=1
Request Chain 2581
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YjRM-gAN66WnSAAy
Request Chain 2582
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f67a371d-f285-4ca2-be6f-f2af79502cb4&gdpr=0&gdpr_consent=&expires=30
Request Chain 2583
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=695 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7206&nid=1197&put=53845701-5679-42cb-af55-faf54af017af&expires=30
Request Chain 2584
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a41e6234-4cfd-4600-9afd-9c92d96c3201&expires=28
Request Chain 2585
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=mXDI4agD1Nv8EU5&expires=30
Request Chain 2586
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGn007EaJoAAAyap1piaQ&expires=30
Request Chain 2587
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OCWrorkGYl7Bdda46ymLbQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3851859134504202246
Request Chain 2601
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fappnexus-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Request Chain 2602
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsonobirtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUID%5D HTTP 302
  • https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Request Chain 2603
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.31%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=720942884 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2069.31/6359460436251910749?zcc=0&sspret=1&rndcb=720942884 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005 HTTP 302
  • https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Request Chain 2611
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 2616
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=L0W7DGRS-P-64GH HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=L0W7DGRS-P-64GH
Request Chain 2630
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/957517 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/957517
Request Chain 2631
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&expires=60 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=&us_privacy= HTTP 307
  • https://cm.mgid.com/m?c=7c645530-439f-430f-be08-f3bda86d545b&cdsp=433145&gdpr=&gdpr_consent=&us_privacy=&sct=1
Request Chain 2634
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
  • https://onetag-sys.com/sync/i,1/a41e6234-4cfd-4600-9afd-9c92d96c3201
Request Chain 2635
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag HTTP 302
  • https://onetag-sys.com/sync/i,2/L0W7DGRS-P-64GH
Request Chain 2636
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=17vAH-a_xcNIyXvst3rkugaXT4zP7clyOy57DOHTEUQ HTTP 302
  • https://onetag-sys.com/sync/i,34/6486416200911656969
Request Chain 2637
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6359460436251910749
Request Chain 2640
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABf5xND056mOUtd6xKhz6p-NBavUoWy3wyxQ
Request Chain 2643
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF6OwDdlBB7EgHp_K4SyUaU&google_cver=1
Request Chain 2644
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2605685dca9121c&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGbf6_kKU1zwMf37nbAAAAAAA&expiration=1647681170&is_secure=true
Request Chain 2645
  • https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Request Chain 2646
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/sync/i,29/?tdid=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttl=1650186770
Request Chain 2647
  • https://x.bidswitch.net/sync?ssp=onetag HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=758cadc7-c8d4-4002-9260-448ab8a6aeda&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2654
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 2660
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F4583e0ec-e0f2-514d-bbae-6eb4d99a23b4 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/4583e0ec-e0f2-514d-bbae-6eb4d99a23b4 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/4583e0ec-e0f2-514d-bbae-6eb4d99a23b4?redir-setuniq=1
Request Chain 2662
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsonobirtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUID%5D HTTP 302
  • https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Request Chain 2663
  • https://sync.1rx.io/usersync2/taboola?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frhythmone-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Request Chain 2664
  • https://s.ad.smaato.net/c/?adExInit=t&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsmaatortb-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
Request Chain 2665
  • https://rtb.mfadsrvr.com/sync?ssp=taboola&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&isDirect=0
Request Chain 2667
  • https://sync.1rx.io/usersync2/taboola?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frhythmone-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Request Chain 2668
  • https://s.ad.smaato.net/c/?adExInit=t&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsmaatortb-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
Request Chain 2669
  • https://rtb.mfadsrvr.com/sync?ssp=taboola&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&isDirect=0
Request Chain 2697
  • https://sync.1rx.io/usersync2/taboola?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frhythmone-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Request Chain 2698
  • https://s.ad.smaato.net/c/?adExInit=t&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsmaatortb-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
Request Chain 2699
  • https://rtb.mfadsrvr.com/sync?ssp=taboola&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&isDirect=0
Request Chain 2701
  • https://sync.search.spotxchange.com/partner?adv_id=71451&redir=https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=$SPOTX_USER_ID HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Request Chain 2704
  • https://sync.search.spotxchange.com/partner?source=pub_71451&sync_limit=5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESECzb1bTJJZ_oJC7uccWff9E&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=f67a371d-f285-4ca2-be6f-f2af79502cb4&img=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent= HTTP 303
  • https://sync.search.spotxchange.com/partner?adv_id=8304&uid=AAGn007EaJoAAAyap1piaQ&gdpr=0 HTTP 302
  • https://sync.springserve.com/usersync?redirect_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8876%26uid%3DSS_UUID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8876&uid=da9b1850-b2df-46ec-8b1d-3c969b4d682a HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=44&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Request Chain 2721
  • https://sync.search.spotxchange.com/partner?adv_id=71451&redir=https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=$SPOTX_USER_ID HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Request Chain 2722
  • https://csync.loopme.me/?gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Floopme-rtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7Bdevice_id%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 307
  • https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=23011afd-98f5-4519-956e-5366f9787085&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
Request Chain 2723
  • https://bttrack.com/pixel/cookiesync?gdpr=1&us_privacy=1---&source=14b8c562-d12b-418b-b680-ad517d5839ec HTTP 302
  • https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Request Chain 2727
  • https://sync.search.spotxchange.com/partner?adv_id=71451&redir=https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=$SPOTX_USER_ID HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Request Chain 2728
  • https://bttrack.com/pixel/cookiesync?gdpr=1&us_privacy=1---&source=14b8c562-d12b-418b-b680-ad517d5839ec HTTP 302
  • https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Request Chain 2731
  • https://csync.loopme.me/?gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Floopme-rtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7Bdevice_id%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 307
  • https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=10772902-1686-41a9-9554-59b2977ff940&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
Request Chain 2737
  • https://csync.loopme.me/?gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Floopme-rtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7Bdevice_id%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 307
  • https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=9947282a-9962-4996-b93f-5460e5cb290d&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
Request Chain 2738
  • https://bttrack.com/pixel/cookiesync?gdpr=1&us_privacy=1---&source=14b8c562-d12b-418b-b680-ad517d5839ec HTTP 302
  • https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Request Chain 2741
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
Request Chain 2812
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560007&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fpulsepointrtbpmp-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&&taboola_hm=0b9r5uPyhAf7&orig=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
Request Chain 2813
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
Request Chain 2817
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560007&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fpulsepointrtbpmp-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%25%25VGUID%25%25%26origin%3Dvideo HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0b9r5uPyhAf7&origin=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
Request Chain 2819
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
Request Chain 2825
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560007&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fpulsepointrtbpmp-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%25%25VGUID%25%25%26origin%3Dvideo HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=QYi3g69PjTQs&origin=video&ev=1&us_privacy=1---&pid=560007&gdpr=1

2832 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
www.dailymail.co.uk/news/article-2187999/
Redirect Chain
  • https://protect-us.mimecast.com/s/byCVCXDPMgi6RAmph6ikWl?domain=dailymail.co.uk
  • https://protect-us.mimecast.com/redirect/eNqtVVly20YQvQoLvxFIzD6jSlJmZDmxS5JjWbKchCnWLA0SFgGwgIEZ2qWf3CKVY-QIie-VBigvlOw_fwE9vfD1m4fHt0nj1zE5TGxpV0VVb9pr-2DRFQE2RQNjX5fJQbKqfXJIDpIGPBTrGIsSMJZcCZYZ...
  • http://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-
  • https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-
  • https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
688 KB
139 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
72a4ec63cc66747886fc0270433477c322290c617c4b8e2a027bfd4c0e54d9a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=UTF-8
x-rs-ctime
1800
vary
User-Agent Accept-Encoding
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
origin; dur=219 edge; dur=97 cdn-cache; desc=MISS
x-mol-georesp
us
x-rs-ben-time
Mon, 07 Mar 2022 17-01-29 GMT
x-rs-time
Mon, 07 Mar 2022 17-01-29 GMT
x-rs-ops
varnish6-web-a2-fe:6081
x-rs-ben
cljfe-b3:8181
x-storage
dmoldarticles
last-modified
Wed, 15 Aug 2012 11:55:57 GMT
x-akamai-transformed
9 700098 0 pmb=mRUM,2
content-encoding
gzip
cache-control
max-age=237
date
Fri, 18 Mar 2022 09:12:27 GMT

Redirect headers

x-storage
redirect
x-rs-ben
cljfe-a2:8181
location
/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
x-rs-ops
varnish6-web-a1-fe:6081
x-rs-time
Fri, 18 Mar 2022 09-12-25 GMT
x-rs-ben-time
Fri, 18 Mar 2022 09-12-21 GMT
x-mol-georesp
us
content-length
0
cache-control
max-age=43200
expires
Fri, 18 Mar 2022 21:12:26 GMT
date
Fri, 18 Mar 2022 09:12:26 GMT
server-timing
cdn-cache; desc=MISS edge; dur=79 origin; dur=5
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
vary
User-Agent
rc-main--.css
www.dailymail.co.uk/static/gunther/17.14.3/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.14.3/rc-main--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
b607154e42a81b546411af9c5e35c995d8ec95cd5e5549081130d56cb35cca0a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4320
last-modified
Wed, 19 Jan 2022 17:10:12 GMT
server
Akamai Resource Optimizer
etag
"f1ecec7e53cbea327faf8acaa780032e:1642591649.666868"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2275404
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Wed, 13 Apr 2022 17:15:51 GMT
RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
s.go-mpulse.net/boomerang/ 		205 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:a9c::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
last-modified
Fri, 15 Oct 2021 11:24:01 GMT
x-n
S
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
dm_com_29.png
i.dailymail.co.uk/i/sitelogos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/sitelogos/dm_com_29.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
36ecc5b76302bfddb2dfd9cc368630349183745d8ff370079e904aa7f24f5e81

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Wed, 08 Nov 2017 16:48:15 GMT
server
AkamaiNetStorage
etag
"087d981886e94a916c9f984b03dbcaeb:1510159695"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3361
expires
Sun, 17 Apr 2022 09:12:27 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
news_masthead.gif
i.dailymail.co.uk/i/pix/channelheaders/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/channelheaders/news_masthead.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a3f69777dc1f29882c9149b513ad5c5f748020328c8d8f4723a2ee32b8bccfe7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Mon, 11 Jan 2010 13:15:20 GMT
server
AkamaiNetStorage
etag
"30c94250e5a71f5bcf9ebc3e54e5b9b9:1263215720"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
8792
expires
Sun, 17 Apr 2022 09:12:27 GMT
navigation_bottom.gif
www.dailymail.co.uk/i/furniture/structure/ 		154 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailymail.co.uk/i/furniture/structure/navigation_bottom.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4eaa63fe224cad73f3348b716855de0ace8a3169abfc0d7b2845d083172f53dd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Sat, 22 Jan 2022 10:39:36 GMT
etag
W/"154-1642847976000"
x-rs-time
Wed, 16 Feb 2022 07-51-53 GMT
vary
User-Agent
content-type
image/gif
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
x-mol-georesp
us
content-length
154
x-rs-ops
molfejava-a2-fe.hsk.mol.dmgt.net:8081
DailyMail.png
i.dailymail.co.uk/i/furniture/facebook/DailyMail/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/facebook/DailyMail/DailyMail.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2a76805478771fb0cd54208b7170941c30cd2e85cc900a242bd0117d9a07290e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Mon, 28 Feb 2022 00:42:02 GMT
server
AkamaiNetStorage
etag
"5a2f3c5a224b1838dbbe75f8eec321ef:1646008922.129962"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
8676
expires
Sun, 17 Apr 2022 09:12:27 GMT
55052613-0-image-a-76_1646665422681.jpg
i.dailymail.co.uk/1s/2022/03/07/15/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/15/55052613-0-image-a-76_1646665422681.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ac53d98bbcc1a5abdffd7eb55f9599cdb86e2caa3f21736d3e7f6c148ed7c78

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
0czjSpNWXIBCfmejO0794tMABmEbpMOC
last-modified
Mon, 07 Mar 2022 15:03:44 GMT
server
AmazonS3
x-amz-request-id
VZPP86HE810RH0YA
etag
"b0ea2971faf387be3d7d9f6d70a971d8"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
7386
x-amz-id-2
aVybUUWeu/qd0p21241kAZhyspej8xoruZy3qEVLZKKAsMEw5Qrd322l/WocB3ks4fk5JFxEW9M=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55048459-0-image-m-91_1646662255174.jpg
i.dailymail.co.uk/1s/2022/03/07/14/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/14/55048459-0-image-m-91_1646662255174.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5423cdd6162c74224229f59b7c6a762352b3ddc08c9d01074356b2d94174c49e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hITDSGjz13BLO1iAGsVhmH7SUp6JsQVk
last-modified
Mon, 07 Mar 2022 14:10:59 GMT
server
AmazonS3
x-amz-request-id
2N9J2FGD1EHSQ62M
etag
"d6dc9fa2f4fb572591fdee2b7ae3418c"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
7650
x-amz-id-2
2Oe2o7YSiOV6LAgMwpPmzB58Vq0oh6HOVPq+xeV7+Fi0X510UswSAzmuaxYTG8FjCEmr/npNtoM=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55052687-0-image-a-1_1646667453280.jpg
i.dailymail.co.uk/1s/2022/03/07/15/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/15/55052687-0-image-a-1_1646667453280.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6deb5fb69dfbb570595d622dc49076ce9b59de8f66856ac06d5d5cbbd9d7092

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
8JJ3kAOZ.qk1b7KlBLFHDzXn_O4Mn.cJ
last-modified
Mon, 07 Mar 2022 15:37:35 GMT
server
AmazonS3
x-amz-request-id
SE3R36KTG70S4TBW
etag
"c51a929e1e4064c6571d4a8f749df033"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6208
x-amz-id-2
qNcw2nEkQaQfz9q7BRC2BYgT6pfOA/cq33yCP49H1TEi3q8pLiAMrohSxrUgEwXBWWyiMhj5y+M=
expires
Sun, 17 Apr 2022 09:12:27 GMT
logo_us.png
i.dailymail.co.uk/i/mads/v2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/mads/v2/logo_us.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
67a06928d73b313bdb6a0ea15a6f7231965d6dd0478e7b4d2e8e0c5d1c531a65

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Mon, 29 Mar 2021 17:11:11 GMT
server
AkamaiNetStorage
etag
"576d16e976e3865c1e7b18c8283457b8:1617037871.535151"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3923
expires
Sun, 17 Apr 2022 09:12:27 GMT
55054787-0-image-a-7_1646668972993.jpg
i.dailymail.co.uk/1s/2022/03/07/16/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/16/55054787-0-image-a-7_1646668972993.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b560c687803b8de5b79cbca16fbf82b136018401561e9e0c669be6c17b4720d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
e1RziJdbWdZvtDE.05NWyp8D5R7FCj1Q
last-modified
Mon, 07 Mar 2022 16:02:54 GMT
server
AmazonS3
x-amz-request-id
G53Y0314GVMKTXXA
etag
"ebed74a1677772c5e3a1922f5b632607"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3485
x-amz-id-2
QM9KmNXWhcDnkW2pYUkW/CHaEBz4mQyGOnE5gvQQEVCks3tMIo1EYPFODIrg8XvlnNSFPFrWfGM=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55050759-0-image-a-11_1646662581594.jpg
i.dailymail.co.uk/1s/2022/03/07/14/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/14/55050759-0-image-a-11_1646662581594.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efac768bfc278e82f32d05bd7e273d20e0d59f73dd64cb5c3b9cac7fd4dd380b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
m3qlgBYEVz6efQJbeQSBvaKOgovhmSAI
last-modified
Mon, 07 Mar 2022 14:16:24 GMT
server
AmazonS3
x-amz-request-id
MF8ESCDC6HV9T0PV
etag
"e447e4b3355e18578d52422396c78909"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
5656
x-amz-id-2
AOEvDB3CGewvMnK3dFWzPPeRTJRaDgPiDFFZJU1CjDvdF9sTT19M4ucni+mekFDFGukBeeXzuDc=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55054657-0-image-a-344_1646668592772.jpg
i.dailymail.co.uk/1s/2022/03/07/15/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/15/55054657-0-image-a-344_1646668592772.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ab99f09d50e00b28dc898a3af4cbbf69256375e2f52a0e677355c4d59e8c183

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
CJbEnTHddkq8RX8a9hOs9zeWCTPApmXy
last-modified
Mon, 07 Mar 2022 15:56:34 GMT
server
AmazonS3
x-amz-request-id
3N352596MATJB3H2
etag
"f2c1464dfef8ba6853139c258eaa62e7"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5746
x-amz-id-2
lu6wvL6CFqragYe2972d2aQEnbyOn/NBS9FZHg9n1le3OSWZi3njFC7fDtfX26LuKlR0l+Yd09Y=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55054941-0-image-m-12_1646668865541.jpg
i.dailymail.co.uk/1s/2022/03/07/16/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/16/55054941-0-image-m-12_1646668865541.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
965ed958efbeb975560dafe857826f24d8e50f10456ac911816f6bc18f477826

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Lro9kNrpAIqtBejhpr4wDoQ0C6L0H3io
last-modified
Mon, 07 Mar 2022 16:01:09 GMT
server
AmazonS3
x-amz-request-id
35P5GHQTN5MBFW07
etag
"606300fe37d42adea39a7f02b09afebd"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5852
x-amz-id-2
XSEIoD4ZFnVQibF8OuPSpjqpvIGg/MB+PjB028K8eQOEsaEtxRdQD3wRcrudhfnKMHk7EQYo5oA=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55042735-0-image-a-22_1646649017448.jpg
i.dailymail.co.uk/1s/2022/03/07/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/10/55042735-0-image-a-22_1646649017448.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6b1aab40dbb86955ec908805dd13da47ef6defbb10d6d324a723c98b3bcc76c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
WsKN3N4Nzz2zyAzxLmzSwjAfxYExxCjA
last-modified
Mon, 07 Mar 2022 10:30:19 GMT
server
AmazonS3
x-amz-request-id
BXD2D63EJDP9YVSA
etag
"1e55aec40262773a9be17d88e5cfec3b"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
2814
x-amz-id-2
YwXaD6X+QIckYyr3ladqQWCR9APFkfM35J8nzoAcPk/zB9GYNw2bwPivI1/y/nZQZ/MFv3ztN3I=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55045485-0-image-a-7_1646652897092.jpg
i.dailymail.co.uk/1s/2022/03/07/11/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/11/55045485-0-image-a-7_1646652897092.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e6a423e9c608c3e47e0db45aab17f98ce9954acef2b064935d7f5b2980340c5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
UK3FXYlhJThXMiBPXhr19mPqXgu0qCHs
last-modified
Mon, 07 Mar 2022 11:34:59 GMT
server
AmazonS3
x-amz-request-id
XQE9YDV6CGT4QWYE
etag
"8df56052afef4e424a7a3dda9dc2c92a"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3480
x-amz-id-2
WJj32MoIXyeltZ3Ry6ArWTapPyOWQp+21gyOttNWJyZBlU1LzXVWKDb3fFzD8nqueB049RbK6+8=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55045505-0-image-m-38_1646654539125.jpg
i.dailymail.co.uk/1s/2022/03/07/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/12/55045505-0-image-m-38_1646654539125.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19ef6a66e98491724d878c000a1fcb81733dc43bf779afd9633c3f904e53d5e8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
r5Q.JX9WwL9o5p0I8gjb4jtmEqDDCjCn
last-modified
Mon, 07 Mar 2022 12:02:31 GMT
server
AmazonS3
x-amz-request-id
TR5Z7YCZ86ZZ7FWB
etag
"c4cca05720db989fe33381d2a7cbb8b4"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3861
x-amz-id-2
yAlVSlQeBEim67aLlB7wloroMS/WHl+zjXOHb6mp4B3aOr/ixkFk/Ym4D2hCXCIHblNcwqVZgpg=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55055171-0-image-a-366_1646670944933.jpg
i.dailymail.co.uk/1s/2022/03/07/16/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/16/55055171-0-image-a-366_1646670944933.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e2611e99315467949644c5193765d09064f3a8268b85de8e6f035d14bed16b4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
BRmSb1ZMtkd2UeVw4hzpoYY43QBly9BI
last-modified
Mon, 07 Mar 2022 16:35:46 GMT
server
AmazonS3
x-amz-request-id
XZNJ27HRM3XJDSNF
etag
"0932aab61089be932b974549d49bb369"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
4384
x-amz-id-2
4qsI6pZ3l6L7SsWlKWAXkV4TsAqXETE/eJhpmL/2GToEIWj936BFm1MpGX5M1ehtWj95d8iY/EY=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55052797-0-image-a-187_1646665291005.jpg
i.dailymail.co.uk/1s/2022/03/07/15/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/15/55052797-0-image-a-187_1646665291005.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b8ed99c37618c70b3ad0005365c4aba548f686f7bdb4296a70450e58e0585bb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
oLyamfrLAG8DFXXz_0Sox8l6RzYzhFiH
last-modified
Mon, 07 Mar 2022 15:01:32 GMT
server
AmazonS3
x-amz-request-id
PD8545JBD7MJ53JG
etag
"d5a60641378303dcf216539e318069ce"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5629
x-amz-id-2
/nJVAEdp1js9blDGfLHGMlhrDnxuZIosO7nVA+ZNLhKLNEyTEPjdXWg2UbEBlaMNFhm/7V8BsTs=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55053137-0-image-m-16_1646665847000.jpg
i.dailymail.co.uk/1s/2022/03/07/15/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/15/55053137-0-image-m-16_1646665847000.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e057a39e24a79b516f2465f1371ccaaec70d9f0cd4f387feddab4ff58c4eb0d8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
admIwRuTFxD7QqAqc8K.rM9J28fpv31i
last-modified
Mon, 07 Mar 2022 15:10:50 GMT
server
AmazonS3
x-amz-request-id
CZV8BA3795DENBEX
etag
"0eb2455eb04a9fe87b5691bbc47ec842"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
2441
x-amz-id-2
QhWdfIGXP/XbyEKfm0SFGxQ2tg/5Y+qJbfl82BHVJ9j92/RXz0qU1z4URniNAiVtEBw9SZrKxbg=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55036275-0-image-a-99_1646632668241.jpg
i.dailymail.co.uk/1s/2022/03/07/05/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/05/55036275-0-image-a-99_1646632668241.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6b63e3ce6b4f16b6305a5e90c4a131e2a5b97e26126fed896c9f1621aff85a4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
cj3BtWHWt6xPdzWZ03WclcVDQyB3n_pA
last-modified
Mon, 07 Mar 2022 05:52:07 GMT
server
AmazonS3
x-amz-request-id
9F8V8541Q507KB39
etag
"e2eed426e6668205b4838a9de21a9bff"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
4399
x-amz-id-2
lgFGYwaN/cRc20YqEpAU2qeqU5taItrHSKMBIyZ2v7lQ6XObCOuRee+hUraPWW2ejWDH5Ae/VQI=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55051401-0-image-m-23_1646664834029.jpg
i.dailymail.co.uk/1s/2022/03/07/14/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/14/55051401-0-image-m-23_1646664834029.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88df6faafb8ecc0816c8b1526d0de2740dc47fc10d8460536b11b625b63bd9c7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
2TAYist8cMWCh7UJfxEwiXvnpqNmpYqZ
last-modified
Mon, 07 Mar 2022 14:53:59 GMT
server
AmazonS3
x-amz-request-id
NVDRMHDF8P9TS754
etag
"2c2b5f309ab79c4b855d59cb8cc371e0"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
4629
x-amz-id-2
js1LkurOlEU9YqxSJmVTUF+Kp68sgNAPSmH/LqmKQqFEyUTyr2Mb6J6d9CrieRXCVhR8IJDU7HU=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55049251-0-image-a-23_1646660376897.jpg
i.dailymail.co.uk/1s/2022/03/07/13/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/13/55049251-0-image-a-23_1646660376897.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c728dcd4ab1ef268051aca58d88a46796dbb18980c07d75e72754254c5e1b745

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
k12L9QpxMWKZFpD_8x5ADy3qzKuhi1wT
last-modified
Mon, 07 Mar 2022 13:39:38 GMT
server
AmazonS3
x-amz-request-id
23A9F53XY19EEG30
etag
"ca8e8d8686af9943391c6dccd8698b0c"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
5402
x-amz-id-2
ZC+FcDjyGsUuzNdf0dF3yAbYVdKKvmhOSsmpOY0IFVwlDzl1ocdjsRGQt7QmJrqUYz/+uRlD2TA=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55051991-0-image-a-16_1646665555844.jpg
i.dailymail.co.uk/1s/2022/03/07/15/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/15/55051991-0-image-a-16_1646665555844.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecfe0b7fbf03ab42263df62ad15b49d45489794bf0d45f944aa9a675710b0a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
WBQamFMKappefZUS8opTMIgj6TjbegS1
last-modified
Mon, 07 Mar 2022 15:05:57 GMT
server
AmazonS3
x-amz-request-id
CZV85HD006W2RJZM
etag
"a4bbb3ca9fbb6fd47780165ea4906f0f"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5129
x-amz-id-2
5wg2hU+nJxYwelF+QRqL6EIY4Buky0m9Qwsf+Jsnk8lh74UyIeDLVNZfAZQHATwfoSxNMCMd1m4=
expires
Sun, 17 Apr 2022 09:12:27 GMT
25786478-0-While_currently_lush_and_green_researchers_predict_the_Amazon_ra-a-16_1646665450760.jpg
i.dailymail.co.uk/1s/2022/03/07/15/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/15/25786478-0-While_currently_lush_and_green_researchers_predict_the_Amazon_ra-a-16_1646665450760.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5eaae63dee75aeb8f60decc02d32ecf35dbf69dd8570d409a6f028c73d706e50

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
bmaiI.E0H0QsuOgiByFybM_LvTXQdhKu
last-modified
Mon, 07 Mar 2022 15:04:13 GMT
server
AmazonS3
x-amz-request-id
W9FGG8A8MFGVK9CQ
etag
"91273904e30e3724d9ad36018140a34f"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5986
x-amz-id-2
aauHWAhWUDwz1js8F1l+NFfauO43aygadCEPkiMCNX7ZLBRjgfhQ5X7LqFTvvukIwznqZit5Iv8=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55054411-0-image-a-7_1646670912699.jpg
i.dailymail.co.uk/1s/2022/03/07/16/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/16/55054411-0-image-a-7_1646670912699.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60407339117704404354709d59f4037c37fa7901f4c56818600580adc82e602a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
SQMH_PkhUN.p02JHIl9shaHCd0ULSj5S
last-modified
Mon, 07 Mar 2022 16:35:14 GMT
server
AmazonS3
x-amz-request-id
8AW39ATF6HY8BTK0
etag
"f026020a1baa751e3e3594af55843d20"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
5187
x-amz-id-2
+3yYkS5WvZ9LNza7BWgVvJhbUGFFlBkCABG7Qid3jloUpgkT9FAcbXqmUVrCw/R7NIbGzzwlqzQ=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55029861-0-image-a-42_1646617195229.jpg
i.dailymail.co.uk/1s/2022/03/07/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/01/55029861-0-image-a-42_1646617195229.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb675150c4e9853f7a8ad642c850a64e72eacb063b4cd9bb25c40e25209fe7b5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
ipgU5IujBy0OENEGxWW0oG0lH0lh7G_b
last-modified
Mon, 07 Mar 2022 01:39:58 GMT
server
AmazonS3
x-amz-request-id
TJJRC1CYSQ19Y9KJ
etag
"2e536e08f7414141ec88df78543b94f3"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
4108
x-amz-id-2
m87cH2AaVVzGJafeUR3iV3zqqKvkna6ZlTzxqqGzfQLkl7r6fgDfg04NHvy8QFFTXVT+mIWd50w=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55024145-0-image-a-9_1646611293769.jpg
i.dailymail.co.uk/1s/2022/03/07/00/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/00/55024145-0-image-a-9_1646611293769.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b058fcf9107ff9ac8afbbc0db17882823df0a344695eddc5243ad8f777eee6f5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
SVdAJ_fitMDVbPZ2b1NzkS89ZfLRWCUe
last-modified
Mon, 07 Mar 2022 00:01:36 GMT
server
AmazonS3
x-amz-request-id
QFNP00TWYYPRNKK1
etag
"b74ac725da048f82ca3fdf400fb30707"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
6129
x-amz-id-2
t3Rxr/IIf5+g4tDuwEzyMeLUBmVLZBzr5WGseCoJhz2fKLXRM8Zl+1+kKpW4IKOmaF0usRPQE/8=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55049129-0-image-a-1_1646663447263.jpg
i.dailymail.co.uk/1s/2022/03/07/14/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/14/55049129-0-image-a-1_1646663447263.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b757c92706c9ab6e361bc6ba774e575cf4473fb30e42fb0e3b59f55fc3677a83

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
V24I5f4kWsWIVtaTsgeYWWtCnrezPXpp
last-modified
Mon, 07 Mar 2022 14:30:49 GMT
server
AmazonS3
x-amz-request-id
SPYZ24ZKYHZZS2B9
etag
"444d9479f3ad6a22438fbae97c86f30c"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3897
x-amz-id-2
Wo53Qgb1weDhfm+FNlfI1Q5HeDWX1AJOkuqJN6pzujBRHXEDy1FNkDJBH2RGv2SeI1EMImM9jis=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55029845-0-image-m-111_1646617526221.jpg
i.dailymail.co.uk/1s/2022/03/07/01/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/01/55029845-0-image-m-111_1646617526221.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8aa7fdb3518fda42ef6e7959cae9618c7896b138957c1ca19935f95ff7dd60bf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
2_ldvzbT2YiLeDhSGEZ0Mr5PXcVeiVB.
last-modified
Mon, 07 Mar 2022 01:45:30 GMT
server
AmazonS3
x-amz-request-id
2K08DRE4MT12AJ25
etag
"a304ba56d4a7096642ee32e4b5a9f7fd"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
4507
x-amz-id-2
fwWdbgEkKdpTP7MqJb/6GSXbfbZOzckpaGltFGZU5Nd9gNJPlth1g5kFDtpuvPPT5nmoEnrFosw=
expires
Sun, 17 Apr 2022 09:12:27 GMT
55048541-0-image-a-17_1646659304622.jpg
i.dailymail.co.uk/1s/2022/03/07/13/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/07/13/55048541-0-image-a-17_1646659304622.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42a1b739ee7b5a7c3fc2f8c5183304c8b6d837b36488985314624a47940779fb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
w5PcPYEvn9qR5cPPMsU5ZWZyJwF5hNsp
last-modified
Mon, 07 Mar 2022 13:21:46 GMT
server
AmazonS3
x-amz-request-id
N0BGNCR0X7V1P4EW
etag
"1719fe2fd6a75eec9ceb3a7ce082da7f"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:27 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6847
x-amz-id-2
PJTmYvo0PxdT5DO+12J2RFMRBkzUmDV19O1p/T8M7o8Yfv091rjNgyWCf5cMufha7G84MXWp+7s=
expires
Sun, 17 Apr 2022 09:12:27 GMT
articleDefer.css
www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.25.0/ 		400 KB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.25.0/articleDefer.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
b342d93742baee0fb0099cf95f23422bda5afb0e983e113b71ccaa88c315f335

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
102405
last-modified
Wed, 19 Jan 2022 12:05:07 GMT
server
Akamai Resource Optimizer
etag
"bdd61cd7ef5e3235fbcc0579e585505a:1642591149.297504"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2256754
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Wed, 13 Apr 2022 12:05:01 GMT
registration--.css
www.dailymail.co.uk/static/gunther/17.13.0/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.13.0/registration--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
03482ceb4519a7706406f47e5992b55e9e5974abd56c45af482a7e1a09d836e6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
x-check-cacheable
YES
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4945
last-modified
Thu, 26 Aug 2021 23:19:17 GMT
server
Akamai Resource Optimizer
etag
"1d7a19f1f78591a33d5ec97dd91f96b4:1593164448.110325"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1940935
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sat, 09 Apr 2022 20:21:22 GMT
desktop.css
www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/ 		164 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/desktop.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
3593bdca4580ca6d489b16badb3b3bb76f776ef2a67dbd455f6635ef0370b009

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
98434
last-modified
Wed, 23 Feb 2022 10:05:12 GMT
server
Akamai Resource Optimizer
etag
"734b4c937053225ecdecd19f225c0ef8:1645608735.530003"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=607935
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 25 Mar 2022 10:04:42 GMT
all--.css
www.dailymail.co.uk/static/gunther/17.14.3/ 		267 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.14.3/all--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
d43ac5826a74f4e5dcd9435aabe994b89a7e2030babd441463c621e96eec0375

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
34267
last-modified
Tue, 15 Feb 2022 17:04:28 GMT
server
Akamai Resource Optimizer
etag
"e391873d0754fa60110c5299203d6f76:1642591647.540737"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2274832
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Wed, 13 Apr 2022 17:06:19 GMT
all1--.css
www.dailymail.co.uk/static/gunther/17.14.3/ 		55 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.14.3/all1--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
62e5b5020499d0dbd26922152f199b559ee4922d9132b4242364edf88dc63121

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10119
last-modified
Tue, 15 Feb 2022 16:20:13 GMT
server
Akamai Resource Optimizer
etag
"2456679cc8c0c996054aec3c292d82d0:1642591648.664529"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2272035
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Wed, 13 Apr 2022 16:19:42 GMT
fff.css
www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.7.0/styles/ 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.7.0/styles/fff.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
e962357c5f484d91f5ed56e74a6dd896f378c237b6be32c85fa1fc62d1b70bbb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7921
last-modified
Thu, 01 Jul 2021 13:25:27 GMT
server
Akamai Resource Optimizer
etag
"6bbdafeae597afda98bc1cb745b63159:1625065243.659183"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1202303
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 01 Apr 2022 07:10:50 GMT
v-0.58.min.js
www.dailymail.co.uk/rta2/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/rta2/v-0.58.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
08cbadc6957dd17b23964ba5763146e595ce4be96dbbb12f297909b1f70eff25

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Sat, 28 Aug 2021 07:03:51 GMT
server
Akamai Resource Optimizer
etag
"e29ae5b09b7c2666dc21de1c945df71c:1623938303.933458"
vary
User-Agent
content-type
application/x-javascript
cache-control
max-age=1146195
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
5176
expires
Thu, 31 Mar 2022 15:35:42 GMT
desktop.js
www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/ 		446 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/desktop.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
23e345dd8b8265ac49ef43a23f300daa6881776797c8c2b33560592e1ba160a9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
118392
last-modified
Wed, 23 Feb 2022 10:09:21 GMT
server
Akamai Resource Optimizer
etag
"9bb70ad9fb83338d4f54f9cead7ba6b1:1645608751.402713"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=615937
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 25 Mar 2022 12:18:04 GMT
mol-adverts-delayed.js
www.dailymail.co.uk/static/mol-adverts/4.1.93/ 		2 MB
406 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
09802c331b6d3cd7a86f127db16d26376b1a3506ba75921f5443b4def7414953

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Fri, 04 Mar 2022 12:59:56 GMT
server
Akamai Resource Optimizer
etag
"3d722468b37b4b569c2c3e4dc2487f06:1646398313.338423"
vary
User-Agent
content-type
application/x-javascript
cache-control
max-age=1395933
server-timing
cdn-cache; desc=HIT, edge; dur=9
accept-ranges
bytes
timing-allow-origin
*
content-length
414246
expires
Sun, 03 Apr 2022 12:58:00 GMT
articleDefer.js
www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle//6.25.0/ 		592 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle//6.25.0/articleDefer.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
45e859d9d249117313060d154b720a123c1889c21a196cec00dd7e182b81e8d7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
135706
last-modified
Mon, 24 Jan 2022 10:28:27 GMT
server
Akamai Resource Optimizer
etag
"adf0649c42405c406b053f1a8456b478:1642591141.737643"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=350629
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Tue, 22 Mar 2022 10:36:16 GMT
async_bundle--.js
www.dailymail.co.uk/static/gunther/17.14.3/ 		325 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.14.3/async_bundle--.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
243c42777dd1dc3b7e709cc60acf8e8a3e4272faf0b20c276a88cc0984cc6efe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
85037
last-modified
Mon, 31 Jan 2022 18:08:38 GMT
server
Akamai Resource Optimizer
etag
"f9190e909b2241cc9a98af8822a64762:1642591649.022387"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=350297
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Tue, 22 Mar 2022 10:30:44 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		371 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7522915bcb350be6f3157b1692458fdf8d6d728c2c09a8d0754c50101078e8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126233
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:12:27 GMT
mol-fe-videoplayer.min.css
www.dailymail.co.uk/static/videoplayer/6.13.0/styles/ 		90 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/videoplayer/6.13.0/styles/mol-fe-videoplayer.min.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
c64308e6ed3ab4dc8c78868174040d8d09546ea9e6ab19682285a675897edc98

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10681
last-modified
Mon, 24 Jan 2022 09:25:47 GMT
server
Akamai Resource Optimizer
etag
"62426632e135cbbb9a89d534c68e342c:1643014811.873"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=346462
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Tue, 22 Mar 2022 09:26:49 GMT
mol-fe-videoplayer.min.js
www.dailymail.co.uk/static/videoplayer/6.13.0/scripts/ 		450 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/videoplayer/6.13.0/scripts/mol-fe-videoplayer.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
1f908207bc70c0af4b1ebd3177f224be9e8ad3e7050cd314625ad9a67e6d36d9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
102678
last-modified
Mon, 24 Jan 2022 09:11:34 GMT
server
Akamai Resource Optimizer
etag
"7a58c71b818ff66d0fdaa1735a8701f8:1643014814.00974"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345582
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Tue, 22 Mar 2022 09:12:09 GMT
article-2186843-0D074F9400000578-72_87x84.jpg
i.dailymail.co.uk/i/pix/2012/08/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/2012/08/11/article-2186843-0D074F9400000578-72_87x84.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
342f9914e4de407fa336620b585e8450f5718c4c96265b43bfd873e543791de1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Sat, 11 Aug 2012 00:40:55 GMT
server
AkamaiNetStorage
etag
"d7019d7d11b46f591bb9b424ee35180f:1344645655"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3314
expires
Sun, 17 Apr 2022 09:12:27 GMT
article-2187052-147BEB40000005DC-991_87x84.jpg
i.dailymail.co.uk/i/pix/2012/08/11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/2012/08/11/article-2187052-147BEB40000005DC-991_87x84.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7e0b1af923ef2f50d4b714e6a46165085ff322522579b739cc07463c00025b50

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Sat, 11 Aug 2012 17:26:18 GMT
server
AkamaiNetStorage
etag
"37238ec147c95fbd6f9397a9d1870cb2:1344705978"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
4325
expires
Sun, 17 Apr 2022 09:12:27 GMT
article-2188658-148A9DDC000005DC-25_87x84.jpg
i.dailymail.co.uk/i/pix/2012/08/15/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/2012/08/15/article-2188658-148A9DDC000005DC-25_87x84.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
15508460c0a60baa5a3ecc7489309be0b01d47f025ea216a0cb1a9a7d94084a9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Wed, 15 Aug 2012 11:12:00 GMT
server
AkamaiNetStorage
etag
"4de8dbcaef551b90bc6c7a3ed09f4e45:1345029120"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2668
expires
Sun, 17 Apr 2022 09:12:27 GMT
main-internal.min.css
i.dailymail.co.uk/static/mol-fe/static/mol-fe-most-watched-videos/2.10.0/styles/ 		60 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.dailymail.co.uk/static/mol-fe/static/mol-fe-most-watched-videos/2.10.0/styles/main-internal.min.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b96035b148d2f3268d77a18e8be1a0e52e3d3549eea6a7c785d5a1feba86d87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:47:53 GMT
server
AkamaiNetStorage
etag
"862aa1d021aee0c173a9b75caff36bda:1631620073.192547"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
6261
expires
Sun, 17 Apr 2022 09:12:27 GMT
index-internal.min.js
i.dailymail.co.uk/static/mol-fe/static/mol-fe-most-watched-videos/2.10.0/scripts/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.dailymail.co.uk/static/mol-fe/static/mol-fe-most-watched-videos/2.10.0/scripts/index-internal.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
19ec2de2938503db5d504b4544b1e508212d4974c66372115bdbf7f364ead207

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:47:54 GMT
server
AkamaiNetStorage
etag
"e80d4d30ffa0a7ed3ade5463943b89ed:1631620074.854763"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
19308
expires
Sun, 17 Apr 2022 09:12:27 GMT
btn_add-your-comment.png
i.dailymail.co.uk/i/furniture/comments/articles/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/comments/articles/btn_add-your-comment.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b6849b99c9da8c60aec9d8fcad58817ef0aabe354e6f9194f24b7e68df71f41a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Mon, 06 Nov 2017 11:57:22 GMT
server
AkamaiNetStorage
etag
"35cf287579c56cfa1b37c7d845558128:1509969442"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
1349
expires
Sun, 17 Apr 2022 09:12:27 GMT
icon_comments_74.png
i.dailymail.co.uk/i/furniture/comments/articles/ 		517 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/comments/articles/icon_comments_74.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
10d217fc2d14b793dd2acba83780093ff88896b4433f7eb36bfc4a220f78350f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Tue, 28 Feb 2017 12:52:27 GMT
server
AkamaiNetStorage
etag
"a85bf8e29331cd62725b2bb16387eb8d:1488286347"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
517
expires
Sun, 17 Apr 2022 09:12:27 GMT
index.css
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.21.3/ 		42 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.21.3/index.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1630acdb42a222c31f2e0ffb701028cee024af1ed555cdae4dbfcac6a7a593ba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 14:03:05 GMT
server
AkamaiNetStorage
etag
"f3935b479e90a52a6cc84ab68799a8f7:1647439385.843993"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
6723
expires
Sun, 17 Apr 2022 09:12:27 GMT
index.js
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.21.3/ 		112 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.21.3/index.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d8d9bc846d6e015d87337cdf131856efab1f9f840470aae3d514d604eef26fd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 14:03:06 GMT
server
AkamaiNetStorage
etag
"0c1a5c91348f46ebec5dee30b308df8e:1647439386.023557"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
41367
expires
Sun, 17 Apr 2022 09:12:27 GMT
iphone_ad_308x111.jpg
i.dailymail.co.uk/i/pix/promoboxes/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/promoboxes/iphone_ad_308x111.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f744634b59058c2fa455853051f7d7cbea03c40a79a2c822e25a22cba5d82316

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Tue, 20 Dec 2011 15:43:09 GMT
server
AkamaiNetStorage
etag
"d0cc3541816686ffa19219c42f0bf076:1324395789"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
18253
expires
Sun, 17 Apr 2022 09:12:27 GMT
undefined-undefined-1D1F693100000578-8_136x135.jpg
i.dailymail.co.uk/i/pix/2014/04/15/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/2014/04/15/undefined-undefined-1D1F693100000578-8_136x135.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f69e197dabe311ee2cf510bcf6b1289dcffb61dd4296be7ae73e355785fef0f3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Tue, 15 Apr 2014 07:11:53 GMT
server
AkamaiNetStorage
etag
"bb2a0908a4b88cc987526fa2c0a4fcd5:1397545913"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
10484
expires
Sun, 17 Apr 2022 09:12:27 GMT
fff.js
www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.7.0/scripts/ 		119 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.7.0/scripts/fff.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
20a8c3ca6709a883f79d46af5cec5d1c135d3e104bba92bc6811f981da451b55

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
35264
last-modified
Tue, 18 Jan 2022 10:32:39 GMT
server
Akamai Resource Optimizer
etag
"3b33a22b040598d434ddc63d9417b61f:1625065244.887929"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1139151
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 31 Mar 2022 13:38:18 GMT
logo_cookie_reg.png
i.dailymail.co.uk/i/furniture/misc/ 		189 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/misc/logo_cookie_reg.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
2f59ac8dad7d832c75edc7cf917c512a3788d03ce0862b38c1bfccc54eb01d10

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Mon, 06 Nov 2017 11:54:00 GMT
server
Apache
etag
"2c776973168421488cd8ba0f131ef7f4:1509969240"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
189
expires
Sun, 17 Apr 2022 09:12:27 GMT
spt_weather_nav.png
i.dailymail.co.uk/i/furniture/weather/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/weather/spt_weather_nav.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/all--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
0bf60782546bae441a6ce4783c2169777d728af37759e9805acbdaa48122cf36

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Wed, 23 Dec 2009 12:07:55 GMT
server
Apache
etag
"2a0a9e4a75bf8d1c816c273119256500:1261570075"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2301
expires
Sun, 17 Apr 2022 09:12:27 GMT
door.js
uk-script.dotmetrics.net/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/door.js?d=www.dailymail.co.uk&t=news
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-63.ewr53.r.cloudfront.net
Software
Kestrel /
Resource Hash
3cc74e5ab2c9742127010cd2b9ca44a12f5abfa0573af28361f09ab1b48c1aea

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
EWR53-C1
etag
".www.dailymail.co.uk.news.192.2022031809"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
cache-control
private
content-type
application/javascript
x-amz-cf-id
92rHyX895pmPHMjwTfUoQAnP1yCM-SGKdv5P8CQUtIZtZhlYJu_7Jw==
sa
ted.dailymail.co.uk/s/ 		224 B
1014 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ted.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a88::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
15c2b360f6521967e813f15921e83c2965048da931619d656cf43106935abb2f

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:27 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
224
x-rs-ops
rta2-rufus-a3-fe.hsk.mol.dmgt.net:8180
sa
t.dailymail.co.uk/s/ 		225 B
1011 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43d8646688f1527ffdf2a06d4dff2a89fdac56edcb8e4d8e38490990c32d3468

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:27 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
225
x-rs-ops
rta2-rufus-c4-fe.rdg.mol.dmgt.net:8180
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/desktop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1711
date
Fri, 18 Mar 2022 08:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 18 Mar 2022 10:43:56 GMT
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=361407818&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ul=en-us&de=UTF-8&dt=Will%20%C2%A3148m%20EuroMillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20brother%20he%20has%20never%20met%3F%20%7C%20Daily%20Mail%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUABEAAAAC~&jid=1133387847&gjid=747695861&cid=1144404248.1647594748&tid=UA-3639451-11&_gid=1969399204.1647594748&_r=1&gtm=2ouab0&cd1=desktop&cd2=loggedout&cd3=emily%20allen%3Banthony%20bond%3Binderdeep%20bains%20for%20the%20daily%20mail&cd4=article&cd5=2187999&cd6=%2Fnews&cd7=will%20%C2%A3148m%20euromillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20brother%20he%20has%20never%20met%3F&cd8=2012-08-13&cd9=dailymail.co.uk&cd11=3503%3A9&cd12=513%3A403%3A16%3A16%3A0%3A25%3A53&cd13=23&cd14=%2Fnews&cd15=%2F&cd17=none&cd21=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F99.0.4844.51%20safari%2F537.36&cd22=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2Fwill-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&cd36=2022-03-18%2009%3A12%3A27&cd40=undefined&cd41=undefined&cd46=undefined&cd47=wv%3D1%2Cco%3D1%2Cdk%3D1%2Cdv%3D1%2Chu%3D0%2Cnz%3D1%2Cdw%3D1%2Cwb%3D1%2Cwi%3D1%2Cfr%3D1&cd49=eligible&cd50=17.14.3%3A6.2.0%3A6.25.0%3A6.13.0%3Afe_desktop_default%3A&cd52=guest%7C&cd94=false&cd96=ads%20shown&cd98=undefined&cm2=1&cg1=article&cd38=1144404248.1647594748&z=1947118587
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/desktop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
register.js
hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/ 		55 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/register.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/desktop.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::172f:91c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8eb16b5abdc002a7b9628ff7eac9d5d3a036d0bfc261327d6bdebe47a635db0b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-rs-ops
mol-fe-web-push-notification-c6-fe:8080
date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
content-length
11848
service-worker-allowed
/
expires
Fri, 18 Mar 2022 09:12:27 GMT
desktop.css
cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/css/ 		85 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/css/desktop.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
81f251a3b3e3ee751d51c3517e21825113c0da061a541ccf5166d755044a3f25

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 14:05:56 GMT
server
AkamaiNetStorage
etag
"78afbc5533889d5d3a92b0322a9d3b2c:1634306831.168209"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=76490
accept-ranges
bytes
content-length
18976
expires
Sat, 19 Mar 2022 06:27:17 GMT
mol-ads-cmp.js
cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/ 		229 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/mol-ads-cmp.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78b5692681b4b8509f848877ceff7082b42aaa2d6138a4756bd511d2f1c710ce

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 14:05:49 GMT
server
AkamaiNetStorage
etag
"2e0ff27421981c8b69d9bbc6e7b9e80e:1634306825.219998"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=17177
accept-ranges
bytes
expires
Fri, 18 Mar 2022 13:58:44 GMT
service
euasync01.admantx.com/admantx/ 		6 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://euasync01.admantx.com/admantx/service?request={%22key%22:%22d4d1cdf427f06ebc6ee7e0a3ffbcaecdfbfe517eca18a41d9126f88bdb16e7f0%22,%22type%22:%22url%22,%22method%22:%22descriptor%22,%22mode%22:%22async%22,%22decorator%22:%22json%22,%22filter%22:[%22admants%22],%22body%22:%22https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22}
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:578:3::36d9:fa7e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
707e9f99a1a6f5f643b8847c8ab19867e8767380ef00b7cf84547bc24a19cb5c

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Mar 2022 09:12:28 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
1095
Content-Type
text/plain; charset=UTF-8
edgedata.html
www.dailymail.co.uk/geo/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/geo/edgedata.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4408d275bd649594b2301aeb5855c61278b41576cbb6a44f3b41c1f801cf4295

Request headers

pragma
no-cache
cache-control
no-cache
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
vary
User-Agent
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
content-type
text/html
cache-control
max-age=506
server-timing
edge; dur=1, cdn-cache; desc=HIT
content-length
1224
x-akamai-transformed
9 1224 0 pmb=mRUM,2
tag
btloader.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5761266544017408&upapi=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564bf925bfd3ed57e510d2243c9828c4bd1bde6218a6f7700de52656db55294b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
6edcd8c669bf8c81-EWR
date
Fri, 18 Mar 2022 09:12:27 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 18 Mar 2022 08:34:14 GMT
server
cloudflare
age
2285
etag
W/"6a16fb9cc08a2edcacbc6929d351a627"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLLaWK6aGwY%2F%2BKMi%2B%2Fo0yV02C9su1T9HPMMzBLXyza8%2FklUonn880veVKnlt5MRlUJv8IIVlqINsgQCVYliWD%2BIXILaR94gpW5V7tDYIzn1we1WjNhLAlOyZOOkClxiLNBo0YMANJZ9otA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
184669-186298276891027.js
js-sec.indexww.com/ht/p/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184669-186298276891027.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
74050f6ca30cbc9a6341071e2de131ac1801d29061c9ea6d84dfb346c564bfc8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Mar 2022 09:00:25 GMT
Server
Apache
ETag
"905a7e-b865-5da7a60a51f08"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3076
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
15419
Expires
Fri, 18 Mar 2022 10:03:43 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cba6d61cdff0102d3f409cb17694bd820013877c2f1f9fc8724f6d020c927ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27844
x-xss-protection
0
server
sffe
etag
"1161 / 268 of 1000 / last-modified: 1647554768"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:12:27 GMT
klick-dailymail.js
storage.cloud.kargo.com/ad/network/klick/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.130.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-90.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b94472d780db3b45c0920bb2dbd0cb57660d80671491ada0ef15776f3de9e812

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
S4lmeeHObFqS8xYQ_eDM32vJF.umlPRv
content-encoding
gzip
etag
"44e6b966c12b759049179f23810ace77"
x-amz-request-id
8500EC14CED1ABC3
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1627
x-amz-id-2
nAvFx/CzW2O2SkQhx0PhKXSlBICKLU1SNYmpWCC8lQwUIWWQ/DOFobrdPXZvvmhqRSOImxzfun4=
last-modified
Mon, 10 Jun 2019 14:32:31 GMT
server
AmazonS3
date
Fri, 18 Mar 2022 09:12:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 01:03:41 GMT
content-encoding
gzip
age
29325
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
0QA7SNFAGK1JYEHE1E9V
etag
0e4876665018a306b1c42fb415cdf907
vary
Accept-Encoding
x-amz-version-id
UuYFL6_bKfCgf8RedP7ZN9_L0fyU1x_2
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
xX5FgsbEUpKphRiHoy5-uiiFDl4k-NDIGl3ef1VAFB6sj1u1VnwN_A==
tfa.js
cdn.taboola.com/libtrc/unip/1125455/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1125455/tfa.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50a62b7c73fe05875158ae5bcd71e696503f202fdb85a30af4cca186d6206526

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
kms8iJYzNF.XMueMOFGt4YJ_S40F88G8
content-encoding
gzip
etag
"0ddd9b3303903e0d781cd3aba2b2b523"
age
111
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17363
x-amz-id-2
VlghL6tdfDJxGFvUWmzB4MfCY6wE4zfmw+fZXggOdkfC6uXGinI0Xkl/2DolGpPWnDfOJ3H+JVE=
x-served-by
cache-ewr18169-EWR
last-modified
Sun, 13 Mar 2022 11:01:50 GMT
server
AmazonS3
x-timer
S1647594748.902145,VS0,VE0
date
Fri, 18 Mar 2022 09:12:27 GMT
vary
Accept-Encoding
x-amz-request-id
J4BJB5QFREQYA7AX
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
30
x-cache-hits
2
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 25 Mar 2022 09:12:27 GMT
iris-context.min.js
ovp.iris.tv/libs/context/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/context/iris-context.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:c000:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cec2c1b07ec561c19dbb290120711abfcfffc93359080ab3760af6119a364bad

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:14:19 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 20:29:32 GMT
server
AmazonS3
age
7090
etag
W/"7715a659dc0df79086ae769c891dfd9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
slqHeAfcx7ypAfjiCBQaUewyYpq955Ao
via
1.1 0a41fb8a1e6869f7cc14f05241a462fa.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-type
application/javascript
x-amz-cf-id
XnGKuuFGVg3giK6EkZQtR2qfwUCwdWLdoymjgKkZ8BI5PmkAlRmROQ==
moatheader.js
z.moatads.com/mailonlineprebidheader526476985912/ 		258 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonlineprebidheader526476985912/moatheader.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d9caf9c6bcc1375287491235d549864393e69225c0c422321a3f1676d52d0f38

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:27 GMT
server
AmazonS3
x-amz-request-id
64HFT93JKHES4HS3
etag
"5c9c3ee91ae18b528a845e3d47fbcb1d"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=53454
accept-ranges
bytes
content-length
89675
x-amz-id-2
QgKv7NZWX90MZlL/L1dpdDCamtVt2b1iheFez3nmmstU69FAsKBxDNrxwlcoVmaX5wUgYuOX9Wk=
topVideos.json
secured.dailymail.co.uk/feeds/commercial/ 		154 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secured.dailymail.co.uk/feeds/commercial/topVideos.json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
697c7c128ada9e859bdf773b88e1c51139868323838e41e863bffae27751e6af

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:27 GMT
Content-Encoding
gzip
x-rs-ben-time
Fri, 18 Mar 2022 09-09-10 GMT
Connection
keep-alive
Content-Length
44572
X-rs-ops
varnish6-web-c2-fe:6081
Access-Control-Allow-Headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
x-rs-time
Fri, 18 Mar 2022 09-09-18 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=1800
Accept-Ranges
bytes
x-rs-ben
video-feed-c1:3000
x-storage
other
Expires
Fri, 18 Mar 2022 09:42:27 GMT
fbds.js
connect.facebook.net/en_US/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
75a5df54b464dfe7764d9adf24a991153128280b6e946224aa4d5c67c5af8315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
FqxI5jgJu4HXmeIFDKrB5w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2167
x-fb-rlafr
0
x-fb-debug
FSURaHGyiyDxm0lp3+inDQyTwe8DbXj42bHjeG1Mg29aWcM/M2MhP7IxcI2TdIBtSx2Yv0IteEL0t5fSxVr4zA==
x-fb-trip-id
2050670934
x-fb-content-md5
4391593ac8b54e9c13bc67d27ba1cb07
x-frame-options
DENY
date
Fri, 18 Mar 2022 09:12:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"9889c38432a88e9621b8af1f5268346e"
timing-allow-origin
*
expires
Fri, 18 Mar 2022 09:13:59 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-3639451-11&cid=1144404248.1647594748&jid=1133387847&gjid=747695861&_gid=1969399204.1647594748&_u=6GBAAUAAEAAAAC~&z=1862492260
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/desktop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 18 Mar 2022 09:12:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
spt_socialicons_40x40eachbttn9.png
i.dailymail.co.uk/i/furniture/articles/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/articles/spt_socialicons_40x40eachbttn9.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.25.0/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3381376497b5b338f301a29f4b399d81331e55a568f02df5db466149e5826f13

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Thu, 17 May 2018 13:20:45 GMT
server
AkamaiNetStorage
etag
"bab988d64a75ef93640c8ed16e05987b:1526563245"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
26818
expires
Sun, 17 Apr 2022 09:12:27 GMT
truncated
/ 		233 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b707cea228ebd1afe82a1840449e8c14d79bb62ec828d1ca7c3b6832a6905133

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		663 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
deb959c047f364b4d81eb0b735fd60c7172cb808ddad43546948d90a38ad362e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0a9ac514283709cb85750e1a15f4ed549be7d0caa7711a70a3249d15538ac44

Request headers

Referer
Origin
https://www.dailymail.co.uk
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b7e7d1bedae2fca5895468c68d7a3f06c5fa573a19fbdc1ea4da51441d59458

Request headers

Referer
Origin
https://www.dailymail.co.uk
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
font/woff
article-2187999-148B3968000005DC-670_634x408.jpg
i.dailymail.co.uk/i/pix/2012/08/15/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/2012/08/15/article-2187999-148B3968000005DC-670_634x408.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8e28f7730755e6ad260b1b5c2a0928617710d0f6ee10b0c6d88cba5ba5871209

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Wed, 15 Aug 2012 00:48:02 GMT
server
AkamaiNetStorage
etag
"100c4be22100d2681e836fb830bb3c30:1344991682"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
68143
expires
Sun, 17 Apr 2022 09:12:28 GMT
loader.js
cdn.taboola.com/libtrc/dailymail-us/ 		519 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/dailymail-us/loader.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8475f3ed2276e14a08794db96b80d4189bfb0857791c691a2e41f51233ff3f5d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
XRw_LrrrepOW3PO7y_ygnK1o.Suv41Oi
content-encoding
gzip
age
5147
via
1.1 varnish
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
12
content-length
43827
x-amz-id-2
BKANL9kEw0WBFeOGp+bMqxiV8K12H+hD/vv+Xeks+1nw9VVEq71Kl0Mug3iwuMIQL1r3LweepcY=
x-served-by
cache-ewr18169-EWR
last-modified
Fri, 18 Mar 2022 07:43:34 UTC
server
nginx
x-timer
S1647594748.939097,VS0,VE1
etag
"eaa0ee756a398e7b42c84beab2ed23a544eb4b20"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
0AJYB3GHYSY3Q2QV
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Fri, 18 Mar 2022 09:12:27 GMT
abp
11
x-cache-hits
1
carousel_arrows_3.png
i.dailymail.co.uk/i/furniture/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/carousel_arrows_3.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.25.0/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
41704d63fe713fce52941fba264ff01d5e370be6dbdfea89a8f12ce9d48bfa9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Mon, 06 Nov 2017 11:51:16 GMT
server
Apache
etag
"0293758492e440edc3f995f4887fa0ce:1509969076"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
5373
expires
Sun, 17 Apr 2022 09:12:27 GMT
spt_previewlinks_10.png
i.dailymail.co.uk/i/furniture/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/spt_previewlinks_10.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.25.0/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
b67596bde5f7562faba79125ecebe3ee3b1f53549cc7ecb7020900d839580d19

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:27 GMT
last-modified
Mon, 06 Nov 2017 11:51:19 GMT
server
Apache
etag
"997a5a9a5d3df1bbf8f3a26394515052:1509969079"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2095
expires
Sun, 17 Apr 2022 09:12:27 GMT
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
hit.gif
uk-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uk-script.dotmetrics.net/hit.gif?id=4637&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&dom=www.dailymail.co.uk&r=1647594747969&pvs=1&pvid=l0w7dfsx1eucp35e7au&c=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-63.ewr53.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
dotmetrics-hit-status
01 OK
server
Kestrel
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
image/gif
x-amz-cf-id
Gs_JQItFxVxZOkvha97CIHAFEZHB7zsN4MLBvvFAnQ0hEDDosrtJdQ==
publicKey
hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/subscription/ 		87 B
897 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/subscription/publicKey
Requested by
Host: hulkprod.anm.co.uk
URL: https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/register.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::172f:91c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
be65e3bddd1818546df81e7c782002e63cdc955e04f4fee43e7b7113f162b648

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-rs-ops
mol-fe-web-push-notification-c5-fe:8080
date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, no-cache
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
content-length
107
expires
Fri, 18 Mar 2022 09:12:28 GMT
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3639451-11&cid=1144404248.1647594748&jid=1133387847&_u=6GBAAUAAEAAAAC~&z=656408680
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
button_bg.gif
i.dailymail.co.uk/i/furniture/articles/ 		450 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/articles/button_bg.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/all--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6b0a9a3f89a5a9633f8b55cefc8e8c937e742f77e16a7f517e245bdec940913d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Sun, 28 Sep 2008 03:10:39 GMT
server
AkamaiNetStorage
etag
"660ebcf51de684aabd5640c5400a2a17:1222571440"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
450
expires
Sun, 17 Apr 2022 09:12:28 GMT
spt_previewlinks_5.gif
i.dailymail.co.uk/i/furniture/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/spt_previewlinks_5.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/rc-main--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
23f72af4e882a0195f05a66774f002805a01ee4c3812d480e51aeeefbae092b3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Tue, 28 Feb 2017 12:31:27 GMT
server
Apache
etag
"6dc31044422de3f1f57a962c4036655e:1488285087"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2587
expires
Sun, 17 Apr 2022 09:12:28 GMT
comment_ticker.png
i.dailymail.co.uk/i/furniture/comments/articles/ 		85 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/comments/articles/comment_ticker.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/rc-main--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
541c63ae81fe7799a19523dc8f2500646043eaa70d36985c3f2fc86264e4e71e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Tue, 28 Feb 2017 12:52:42 GMT
server
AkamaiNetStorage
etag
"18d36c5e83cfde23a9f5103f33f6ad32:1488286362"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
85
expires
Sun, 17 Apr 2022 09:12:28 GMT
spt_socialicons_40x40eachbttn8.png
i.dailymail.co.uk/i/furniture/articles/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/articles/spt_socialicons_40x40eachbttn8.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.25.0/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
1d188cadb253c70a5a87ebdcea65f7407044606b5c4cf2ca9891970161aa9232

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Mon, 06 Nov 2017 11:53:19 GMT
server
Apache
etag
"d5fb4ae159a29d51d27aaf551c71298a:1509969199"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
8735
expires
Sun, 17 Apr 2022 09:12:28 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5887b03f44a197fcdc5400caec10de1c69f29619c1fdc868d4d461130e0f9efc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
spt_rndcorner_4.png
i.dailymail.co.uk/i/furniture/corners/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/corners/spt_rndcorner_4.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/all--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
be6aaae29a207bdea28a1e545c6f5652abcd30845290ec990892805c895d78f6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Mon, 06 Nov 2017 11:54:17 GMT
server
Apache
etag
"8709d0e0c6ea65aa87db0884a31b5355:1509969257"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2998
expires
Sun, 17 Apr 2022 09:12:28 GMT
truncated
/ 		504 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a745591034534431b4e5e32815599cef3101631f9e6a9052a687d96dac1a3ea

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e92b3b722e75fb9c316c0ef14043e440302b994753708d9bdcc9a0f3a638f6d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62675c01ca7a9e7af102c699f55fa970eee7f0106984839722e018e733744c03

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		996 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f650676047609c72f3c893b13a7148916bb0a9a5ff1f6ca9c531d07038ba31ae

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		868 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4717410c1ef684a572d4662c8bc6860a753e6ea7e9640d699c4f2a0e4d08c9e2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b27cc2654c00d737f49cb68b74ba7893c151612b1ad52543f4691f67db0cdf97

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
55500983-0-image-a-90_1647572239192.jpg
i.dailymail.co.uk/1s/2022/03/18/02/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/18/02/55500983-0-image-a-90_1647572239192.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c3a5471507a24364303c242b6aa5cd26a27486d415cbf4d7487d1cb8d41781a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
WvyJmzOOLXCF5dOXQQ4f6_gYbxUmqZe8
last-modified
Fri, 18 Mar 2022 02:57:21 GMT
server
AmazonS3
x-amz-request-id
0D6CKX0GSPJY2G59
etag
"bd6dad4600006389c0fa2504ec40c585"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:28 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
3221
x-amz-id-2
3brK2jWzqnnYCOzhOVvUJH7siImGXHqj3CA/1NEy5+nW8gapnSD4yZ9/ELw2lZnnhpIWgOceq8U=
expires
Sun, 17 Apr 2022 09:12:28 GMT
55494043-0-image-a-134_1647556578086.jpg
i.dailymail.co.uk/1s/2022/03/17/22/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2022/03/17/22/55494043-0-image-a-134_1647556578086.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3300addec0003073b3cbd7d44fd73c0f214c79fb85c48efd74d30bab885fa18d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
pb58A8Oq3rBhdJ5PXWR9MNZEidAxC6_R
last-modified
Thu, 17 Mar 2022 22:36:21 GMT
server
AmazonS3
x-amz-request-id
S6N554E2QB25EWJZ
etag
"4aaeb2b55fe787094e76f2e90efb9d59"
x-mol-img
avif
content-type
image/avif
cache-control
max-age=2592000
date
Fri, 18 Mar 2022 09:12:28 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
4327
x-amz-id-2
bYTAqKnghT8QiRv/H2eWzx9MOmagn9XVJ59aSTXpWZQVluVA13+FFCoHhbtrSXSl8EyQVsRBp5E=
expires
Sun, 17 Apr 2022 09:12:28 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 23:51:19 GMT
px.gif
ad-delivery.net/ 		43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6169453179510536
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Fri, 18 Mar 2022 09:12:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642207
x-guploader-uploadid
ADPycdt9B4KyrRzLysOxgEhHOY2JpgdhPsT0EptDvcdfSFHRQeSLnYdLfxo_oOY-fKqvY4xN35m-aqXUGSbW55QgCe89W1npaw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiaLAMWzSLxOhmcgUtw%2BlL6jWcUFzUbwpXHTyDP%2FFOnKMxXV5cYsFphCTlQCxahFMH6ZOz1q%2Fj9d3OXSsOdlhF%2BoQb7FPTkMGqLSSj5o2mQjlWqF2QYGJAY%2FYUeI3yhX3eOs3kJpAHrJm71SWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6edcd8c86c018c12-EWR
expires
Thu, 10 Mar 2022 23:39:16 GMT
json
trc.taboola.com/1125455/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1125455/trc/3/json?tim=1647594748168&data=%7B%22id%22%3A543%2C%22ii%22%3A%22%2Fnews%2Farticle-2187999%2Fwill-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1647594748161%2C%22cv%22%3A%2220220313-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmailonline-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1647594748167%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A6%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1125455/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1439c9f9dc0330a99fbc3bf92b09a47d8310caddbd28c37b0eb588ecbc4d8a78

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
51
date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
gzip
server
nginx
x-timer
S1647594748.196182,VS0,VE51
x-served-by
cache-ewr18169-EWR
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
rules-p-yVg_z7_Zx4fHs.js
rules.quantcount.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-yVg_z7_Zx4fHs.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88e2ccfb294bdb1040f7cd0b73c6ef14f3acec12f8b2cfa993edf8b242d638ea

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:25:47 GMT
content-encoding
gzip
age
2801
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 09 Feb 2022 21:25:34 GMT
server
AmazonS3
etag
W/"5e4f00dd8e7a6bf73bcab3d94b553f2c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
jer3QjlzrU-1HtkGCVAzxOLTYy1HmL53arvqVrBN2llWqvIjVahNCg==
pubads_impl_2022031501.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 04:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126660
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 08:35:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 04:51:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		808 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dailymail.co.uk
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e31988dcc01ca50063ec978eeb7c992ad2110c7ad1b4444430278cd9440e047f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
280
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:12:28 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 02:21:50 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
24639
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via
1.1 0a41fb8a1e6869f7cc14f05241a462fa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
content-type
application/javascript
x-amz-cf-id
6B5IzpFbKjTWptfEVC0o2znq9A8lmiqKg_kG-OYkKDnWSB6Ygq95Tg==
load.js
widget.perfectmarket.com/dailymail-us/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/dailymail-us/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-us/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d3b5420ee831fdc29663f71a3615df7bca0ef96d0c8057d91c93534298ca732

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
B3EZ8kK9hIvSbU_MBC6_vQ_UfGUMHEg_
content-encoding
gzip
etag
"fa7d58fde796f160a7d7a32c3c6bf144"
age
46
x-cache
HIT, HIT
content-length
1342
x-amz-id-2
W3Vn942fujOGFxTLPa628o7mCm7rhwA7xjUbjaMM/6y3ZAexlNPky2740RfVQEQ+mjYHar70CIc=
x-served-by
cache-lax10668-LGB, cache-ewr18121-EWR
last-modified
Tue, 15 Jun 2021 12:25:26 GMT
server
AmazonS3
x-timer
S1647594748.294807,VS0,VE0
date
Fri, 18 Mar 2022 09:12:28 GMT
vary
Accept-Encoding,,
x-amz-request-id
D30X9BABEVK2933H
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 2
impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
cdn.taboola.com/libtrc/ 		620 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-us/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
187f469e81eb5a6824ace7d2587b9d993578610641272aba163bee05de4596f6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
oEo.5QTmcPZ8lLje945UMkrVhIblNxV_
content-encoding
br
etag
"6860733ab842e49d6384363bdd777e1d"
age
10466
x-cache
HIT
content-length
131231
x-amz-id-2
jdj+rNnVqI8j+DpbJohcqNSqCP3z69v+0CE/FKJHMLRMtrti1uP59PEmYWX55kOI+N5LDPXLCOA=
x-served-by
cache-ewr18169-EWR
last-modified
Thu, 10 Mar 2022 20:01:31 GMT
server
AmazonS3-br
x-timer
S1647594748.241842,VS0,VE0
date
Fri, 18 Mar 2022 09:12:28 GMT
vary
Accept-Encoding
x-amz-request-id
0SEN7HAZQKZNSXSZ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
30
x-cache-hits
2
tr5
cdn.taboola.com/libtrc/ 		3 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=explore-more-header-ab-test_var
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647594748.243336,VS0,VE0
x-served-by
cache-ewr18169-EWR
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1401367413466420&ev=PixelInitialized&dl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rl=&if=false&ts=1647594748246
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 18 Mar 2022 09:12:28 GMT
v2
mb.moatads.com/yi/ 		359 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pcode=mailonlineprebidheader526476985912&rx=305135542903&callback=MoatNadoAllJsonpRequest_52124741
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/mailonlineprebidheader526476985912/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-240-223.compute-1.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
cb07b5a3c2335807ae2a717fc9ec690ebe82df49c85335210782f9fe97e42a1d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"d28b6b7e62443a86de3b977726a6dc37a2b77e43"
content-length
359
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/ 		71 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=MAILONLINE_PREBID_HEADER1&hp=1&wf=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1647594748255&de=525190958625&rx=305135542903&m=0&ar=16e2d13da31-clean&iw=f4fab01&q=1&cb=0&cu=1647594748255&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&bo=undefined&bp=undefined&bd=undefined&zMoatPS=Position%20Not%20Identified&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=mailonlineprebidheader526476985912&fd=1&ac=1&it=500&pe=1%3A6335%3A6335%3A0%3A0&jm=-1&fs=197504&na=1178107778&cs=0&callback=MoatDataJsonpRequest_52124741
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/mailonlineprebidheader526476985912/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.231.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-231-132.compute-1.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
1a4bc28ddb2ac51fbbf2e845944b8d4713462bd05516507866ec15357a3c3cf7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"92d950b440beeb0a7c17c54290ae59f2f73a8c0f"
content-length
71
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame E034 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/mailonlineprebidheader526476985912/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

x-amz-id-2
3EUbB6wka8dM4MxSoynAj7U8+CptU4Oid3/QPAkBgaOjDafcCdWDHVacdn0X0UggNFTFuYMVGV0=
x-amz-request-id
088A9E01548DEE43
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
accept-ranges
bytes
content-type
text/html
content-length
1374
server
AmazonS3
cache-control
max-age=2311
date
Fri, 18 Mar 2022 09:12:28 GMT
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=f38c8pGL&w=5666437271126016&o=5761266544017408&cv=2.0.2-8-g186cc00&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5761266544017408&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:28 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/ 		473 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:451 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2137c099bd65ae461c267ac6d6ef740cda98db008d42ab80bcea5f9acfb1e2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
5f42864d-a421-4f37-9478-00266f871d68
x-guploader-uploadid
ADPycdtVc7_5ldbvfAp7uWnVe2Hu6DZiDq7fuC8sO3LNB_M9-av9lF46mP3KoPFqIRxGc9l2v5qM8KTtmGs-kJMlDNs
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
last-modified
Thu, 17 Mar 2022 16:12:34 GMT
server
cloudflare
etag
W/"ea3c3c084600bd9be9817984b50a81e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=2/NYqQ==, md5=6jw8CEYAvZvpgXmEtQqB4g==
x-goog-generation
1647533554150173
cache-control
public, max-age=900
x-goog-stored-content-length
128472
cf-ray
6edcd8c9b998d153-BUF
expires
Fri, 18 Mar 2022 09:27:28 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf68d396c22f8d42dbf299c4ce4e8476a6358da7ff8f4361e70c5d247ff00928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
14238
x-jsd-version
1.0.1283
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA, cache-ewr18152-EWR
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"669-DOCfS7zxMwImr8HNPmbYK6xKHuI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6edcd8c9c9c2d153-BUF
pmk-202010011.11.js
widget.perfectmarket.com/dailymail-us/ 		89 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/dailymail-us/pmk-202010011.11.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/dailymail-us/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9065d2b721fd5999b3834fbca9cca1d977d59dbf1f8fd49fe2ac787692a33167

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
R5YhAzmlpMExkbPoUHJa6wAw8b7XY7To
content-encoding
gzip
etag
"ba74c5c3e6ee327aea8ab012e43a3a18"
age
17978615
x-cache
HIT, HIT
content-length
24713
x-amz-id-2
WIIoyBMHqFfPhVbJkzFYWcW/92Nlx4vz4PTRKzkF9iZEm6W6uqaDl5Yrof2iEM0/FnpS9gtQ660=
x-served-by
cache-lax10639-LGB, cache-ewr18121-EWR
last-modified
Tue, 15 Jun 2021 12:25:25 GMT
server
AmazonS3
x-timer
S1647594748.444686,VS0,VE0
date
Fri, 18 Mar 2022 09:12:28 GMT
vary
Accept-Encoding,,
x-amz-request-id
6W6WW398G2BSNV4K
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
3212, 1354
json
trc.taboola.com/dailymail-us/trc/3/ 		48 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dailymail-us/trc/3/json?tim=09%3A12%3A28.504&lti=explore-more-header-ab-test_var&data=%7B%22id%22%3A793%2C%22ii%22%3A%22%2Fnews%2Farticle-2187999%2Fwill-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1647513301072%2C%22vi%22%3A1647594748161%2C%22cv%22%3A%2220220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A7057%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A19405%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2v%22%2C%22s%22%3A15%2C%22uim%22%3A%22autosized-generated-text-under-1r-us%3Aabp%3D0%22%2C%22uip%22%3A%22desktop-Desktop-Wide%22%2C%22orig_uip%22%3A%22Desktop-Wide%22%2C%22cd%22%3A18742.90625%2C%22mw%22%3A632%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%202nd%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%202nd%22%2C%22cd%22%3A19107.90625%2C%22mw%22%3A636%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2Farticle-2187999%2Fwill-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%2CBelow%20Article%20Thumbnails%202nd%3Dthumbnails-b%3Aabp%3D0%2C%2Cdesktop-Desktop-Wide%3Dautosized-generated-text-under-1r-us%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22explore-more-header-ab-test_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
10935ccd353f32f84aadffaa722f00792bc3654eee4b49f1bb63373af912f26d

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
1030
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
server
nginx
x-timer
S1647594749.516483,VS0,VE1030
x-served-by
cache-ewr18169-EWR
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
config.json
c.go-mpulse.net/api/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD&d=www.dailymail.co.uk&t=5491982&v=1.720.0&sl=0&si=4349d6cb-52f6-4ad5-91d6-2c5e0bbd6d41-r8xo8l&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=145913
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:a9c::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c27a563bf388c7a157845184bd629ac5640aaaac4241f2c348e0bd475550565c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1505
5aa8f0a2-0c93-444a-8596-5e5dce694b36-models.bin
cdn.permutive.com/models/v2/ 		765 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/5aa8f0a2-0c93-444a-8596-5e5dce694b36-models.bin
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452eadb753ef17d893004ec4ea2b71fcf435c666bcee58561148f821a6a3ca0d

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
5f42864d-a421-4f37-9478-00266f871d68
age
294
x-guploader-uploadid
ADPycdsf2Lbh9b2f7hDa3nMjZ8jS_GAvHRmGlSMgP58KdZr1u8g4gra9i2D1zQZHMU3HUC0Q74tVTqdeAQcSf5fJGHcVqqLkLg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/x-binary
content-length
684
last-modified
Fri, 18 Mar 2022 06:04:25 GMT
server
cloudflare
etag
"413c900aa37e96f2f800fbf6983459b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=A+JWtw==, md5=QTyQCqN+lvL4APv2mDRZuQ==
x-goog-generation
1647583465747174
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
684
accept-ranges
bytes
cf-ray
6edcd8cb4d119e1a-EWR
expires
Fri, 18 Mar 2022 09:07:34 GMT
getuidj
ib.adnxs.com/ 		11 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:28 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0ed18fdd-8926-4db2-a341-9273b9bc647b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
590552a4-ae46-4690-8eda-af72f06abf17
https://www.dailymail.co.uk/ 		245 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/590552a4-ae46-4690-8eda-af72f06abf17
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
855c242f4d3e3e931ce1c6ca0c84edfcfdd988240a25563887980602acd43318

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
251103
8eaa9ae6-2a4c-4d84-b2ca-55f747141a23
https://www.dailymail.co.uk/ 		23 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/8eaa9ae6-2a4c-4d84-b2ca-55f747141a23
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e5597bcbbae3eff3bbe8c37c8fbe03cc72a1a2af26abf92d933133939334516

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
23915
graphql
api.permutive.com/ 		857 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/graphql?k=fc90bebe-df0f-4783-9136-4dadff05fcca
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
085ea1be96571c27edbecb856cefd4877992dbadfd559fd8520fb90e85c80ada

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
523
via
1.1 google
production.json
scripts.dailymail.co.uk/static/mol-fe/static/configs/mol-fe-paywall/ 		345 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/configs/mol-fe-paywall/production.json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle//6.25.0/articleDefer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d9dc160791208f908bfd5734791589974c7eeb3cd4e8a97f6c75edd5e029a94

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Tue, 25 Jan 2022 13:01:50 GMT
server
AkamaiNetStorage
etag
"bef02cf21f603193c6b0061d9589dc70:1643115710.857687"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=98
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
345
preload-inline.gif
i.dailymail.co.uk/i/furniture/fff/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/fff/preload-inline.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Tue, 02 Jul 2013 10:22:29 GMT
server
AkamaiNetStorage
etag
"a51c5608d01acf32df728f299767f82b:1372760549"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3208
expires
Sun, 17 Apr 2022 09:12:28 GMT
setABframe.html
www.newzit.com/ Frame F974 		208 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newzit.com/setABframe.html
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.21.3/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee22 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1606125073205250674ef7f1c2f4580e3e774ac8f0155b298176de293f018319

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"86dc2f0c8c7395cfbae9dd2b17a65749:1645612129.534315"
last-modified
Wed, 23 Feb 2022 10:28:49 GMT
server
AkamaiNetStorage
content-encoding
gzip
content-length
169
cache-control
max-age=1683
expires
Fri, 18 Mar 2022 09:40:32 GMT
date
Fri, 18 Mar 2022 09:12:29 GMT
vary
Accept-Encoding
currencyExchangeRate
fff.dailymail.co.uk/ 		19 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fff.dailymail.co.uk/currencyExchangeRate
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.7.0/scripts/fff.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f4be37ae6f3da730d311ea6ff931acc51d1ae189ec3c2d28869cb00e536605cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
x-rs-ops
fff2-fe:8180
date
Fri, 18 Mar 2022 09:12:28 GMT
cache-control
max-age=14946
content-length
19
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
1.5.1
fff.dailymail.co.uk/templates/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fff.dailymail.co.uk/templates/1.5.1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.7.0/scripts/fff.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6a69d4401c299bdee736eac1168963bcce5fa8abf91b4cd8f8c52f8429d06668

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1176961
content-length
1951
x-rs-ops
fff1-fe:8180
truncated
/ 		174 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52efd6959ae8fb441d9b7bce3624bcbda0b601316751028b16b31484124019c5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
1418450360_1785909458001_article-2187999-148BBCB7000005DC-236-634x521.jpg
video.dailymail.co.uk/video/1418450360/2012/08/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.dailymail.co.uk/video/1418450360/2012/08/1418450360_1785909458001_article-2187999-148BBCB7000005DC-236-634x521.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d90591da863a851280a0bc78f2546c3e22995d6e38a1f1a7a25ebc229f7454b5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
last-modified
Wed, 15 Aug 2012 12:29:51 GMT
server
AkamaiNetStorage
etag
"608171f8a4ef7cbf30c72bab1d1fab40:1345033791"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
21444
expires
Fri, 18 Mar 2022 10:12:29 GMT
mol-video.woff
www.dailymail.co.uk/static/videoplayer/6.13.0/font/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/videoplayer/6.13.0/font/mol-video.woff
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/videoplayer/6.13.0/styles/mol-fe-videoplayer.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4e89866ffba8b06a31d366ea9f6f5331f87fe29877bfce5381b78a46ddb7fd19

Request headers

Referer
https://www.dailymail.co.uk/static/videoplayer/6.13.0/styles/mol-fe-videoplayer.min.css
Origin
https://www.dailymail.co.uk
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Mon, 24 Jan 2022 09:00:14 GMT
server
AkamaiNetStorage
etag
"485a02e860743f3a21195c18ca687a40:1643014814.85897"
vary
User-Agent
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=348027
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
3376
expires
Tue, 22 Mar 2022 09:52:55 GMT
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame DA69 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:11:53 GMT
expires
Thu, 16 Mar 2023 20:11:53 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
133235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 09:12:29 GMT
video-sources.json
www.dailymail.co.uk/api/player/1785265699001/ 		1 KB
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/api/player/1785265699001/video-sources.json?geo=US
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/videoplayer/6.13.0/scripts/mol-fe-videoplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
be87631e707f2bad906b691687eeb7c80c28d8d67aee9e90c48ebfbb3212040c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
x-rs-ben-time
Fri, 18 Mar 2022 09-12-28 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=85, origin; dur=28
content-length
306
x-rs-ops
varnish6-web-a4-fe:6081
access-control-allow-headers
*
x-rs-time
Fri, 18 Mar 2022 09-12-28 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
x-mol-georesp
us
x-rs-ben
cljfe-a5:8181
x-storage
api
chromeless_closer.png
i.dailymail.co.uk/video/ 		372 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/video/chromeless_closer.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
9dff2251abbde2c57b87b8e340e8cc695637fa72f8ff311c61c37b97ec5810c1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Mon, 01 Jul 2019 16:55:07 GMT
server
Apache
etag
"8de2a98adb80767b95658b4b19f1342c:1562000107"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
372
expires
Sun, 17 Apr 2022 09:12:28 GMT
video_info
context.iris.tv/ 		338 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=W491AUI45FTTFWD&platform_id=4612158401457702697
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-99.ewr53.r.cloudfront.net
Software
Zer01ne /
Resource Hash
43fb0b547e5e8b13d9850217f1136af958ca4fed4fa9ccaa1c447284590e4c94

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:14:44 GMT
via
1.1 48242c037992a87d34be1f3c114efc0a.cloudfront.net (CloudFront)
server
Zer01ne
age
3465
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop
EWR53-C3
x-robots-tag
noindex, follow
x-amz-cf-id
zl31Kp3V6UnnvA0I82RSIU9okx2wqowzvKx5Lq8-f7W1LE72h440Lg==
Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
www.dailymail.co.uk/news/article-2187999/ 		688 KB
688 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
x-rs-ben-time
Mon, 07 Mar 2022 17-01-29 GMT
server-timing
edge; dur=1, cdn-cache; desc=HIT
x-rs-ops
varnish6-web-a2-fe:6081
last-modified
Wed, 15 Aug 2012 11:55:57 GMT
x-rs-ctime
1800
x-rs-time
Mon, 07 Mar 2022 17-01-29 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html;charset=UTF-8
cache-control
max-age=237
x-akamai-transformed
9 700079 0 pmb=mRUM,2
x-mol-georesp
us
x-rs-ben
cljfe-b3:8181
x-storage
dmoldarticles
7.gif
id5-sync.com/c/167/429/3/
Redirect Chain
  • https://id5-sync.com/i/167/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/167/0/9/1.gif?gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/167/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F167%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/167/2/8/2.gif?puid=6359460436251910749&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttl=%%TTL%%
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENbRD0remzScX6oPlDae0KQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6359460436251910749&opid=apx&ops=&utidl=tech:goo:CAESENbRD0remzScX6oPlDae0KQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A26018534275&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAGn007EaJoAAAyap1piaQ
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F796%2F4%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/167/796/4/6.gif?puid=8a1de752-a69b-11ec-92c5-fb53764b0872&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F429%2F3%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/167/429/3/7.gif?puid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=0&gdpr_consent=
0
0
black-preload.gif
i.dailymail.co.uk/i/furniture/fff/hub/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/fff/hub/black-preload.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
last-modified
Tue, 19 Nov 2013 14:19:15 GMT
server
Apache
etag
"37e24e0370847870c1c43ea9ce19b1f4:1384870755"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3208
expires
Sun, 17 Apr 2022 09:12:28 GMT
script.js
uk-script.dotmetrics.net/Scripts/ 		79 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/Scripts/script.js?v=192
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/door.js?d=www.dailymail.co.uk&t=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-63.ewr53.r.cloudfront.net
Software
Kestrel /
Resource Hash
dd406c02ad20b4101454c82049e8f5047beed8393b27a8dfa8520644f85ab159

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
br
last-modified
Wed, 16 Feb 2022 09:49:47 GMT
server
Kestrel
x-amz-cf-pop
EWR53-C1
etag
"1d8231a884954ac"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
aQfqYdt4GC1h30pXHfCZXEzutRZJ07lIDeeAzy4wqIvlT7-ULPtkAw==
iframe.html
cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/html/ Frame B268 		1012 B
664 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/html/iframe.html?mol.ads.cmp.log.level=off&mol.geo.country=US&mol.geo.region=IL&mol.ads.cmp.channel=news
Requested by
Host: cmp.dmgmediaprivacy.co.uk
URL: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/mol-ads-cmp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f139fb4fb6331723b07c4ce1484c9e46bee5fd96f31065b01bbda2222e9eb5e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"7ddda2167ce1e101bb32b12734588490:1634306840.833514"
last-modified
Fri, 15 Oct 2021 14:05:56 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=0
expires
Fri, 18 Mar 2022 09:12:28 GMT
date
Fri, 18 Mar 2022 09:12:28 GMT
content-length
445
access-control-allow-origin
*
boot
klkstrm.kargo.com/event/ 		11 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://klkstrm.kargo.com/event/boot
Requested by
Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.131.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-131-185.compute-1.amazonaws.com
Software
/
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Date
Fri, 18 Mar 2022 09:12:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
11
Content-Type
application/json
Kargo-Data.js
storage.cloud.kargo.com/ad/network/tag/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.cloud.kargo.com/ad/network/tag/Kargo-Data.js
Requested by
Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.130.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-90.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
caefdcc9ae00a197310c0e74d02cc5011a10cf2f7494a3c6e28cd68dc7c37540

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Bfm3L0jDnsh9fppcQIyedbHwx7vy5nUS
content-encoding
gzip
etag
"fce2bfe5d7f2f5df4ae350001ca777a8"
x-amz-request-id
6A4D647EC815FEF2
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
2363
x-amz-id-2
EmXQIU4267XK7xvc2k8PIbwk6xsEDq5GINkEO8bEO1KPMiw+w4hy4gP0Rh9lMnd0SywTPWNvXUE=
last-modified
Thu, 20 Jun 2019 20:12:08 GMT
server
AmazonS3
date
Fri, 18 Mar 2022 09:12:28 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E1A4 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:51:37 GMT
cookie_sync
prebid.adnxs.com/pbs/v1/ 		575 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
666a3e515ffcc0226f33a6f0b6c4f0a88aa051c44648c5a83a88ff70f9273e84

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		248 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
41e25dedc34f962d69e364d834372547e7299d729ef8f7df2d280901ee2203d4

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.203.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
248
Expires
0
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=34329534473
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.210.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-210-194.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Date
Fri, 18 Mar 2022 09:12:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.210.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-210-194.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Date
Fri, 18 Mar 2022 09:12:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.210.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-210-194.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Date
Fri, 18 Mar 2022 09:12:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.210.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-210-194.compute-1.amazonaws.com
Software
/
Resource Hash
473e105ceae153c6d8b221246120fa706e4bfb54511959a40fa12d78f9250952

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
5762
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.210.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-210-194.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Date
Fri, 18 Mar 2022 09:12:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.210.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-210-194.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Date
Fri, 18 Mar 2022 09:12:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.210.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-210-194.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Date
Fri, 18 Mar 2022 09:12:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
mvo
tag.1rx.io/rmp/231218/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/231218/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9929&site_id=124372&zone_id=587686%3B1077750%3B587716%3B1099828%3B587712%3B820028%3B587722%3B587724&size_id=2%3B2%3B15%3B2%3B15%3B15%3B9%3B9&alt_size_ids=57%3B57%3B%3B%3B10%3B10%3B8%2C10%3B8%2C10&p_pos=atf%3B%3B%3B%3Batf%3Batf%3Batf%3Batf&eid_pubcid.org=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&tg_i.area=news&tg_i.pbadslot=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cbillboard%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cbillboard%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_20%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cleader_wide%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_10%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_top%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_left_top%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_right_top&tk_flint=pbjs_lite_v4.43.4&x_source.tid=6adad415-5279-4e32-ab1c-79c74d7db15c%3B6adad415-5279-4e32-ab1c-79c74d7db15c%3Bd260bff2-5a78-4ca3-bf67-72ce41904a89%3Bfc56d6df-fd5d-4fae-b002-1d6aab698371%3B0e8d063c-f883-4591-a610-e88348bed51a%3B4eae3901-7bd0-4b40-9bb2-33736e71e059%3B445feb9d-5cc5-44c5-959c-a441b1fe0533%3B631c41a0-1a15-4dc5-beca-8fb904cede74&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=8&rand=0.7006813842685666
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
901b3226c6c87a83d958ad3351b6010c0e6f762be52db5334bace9598754c8ab

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
438
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		358 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&CanonicalUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&PublisherDomain=https%3A%2F%2Fwww.dailymail.co.uk
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
32d390304264612c2a187859cd715099ca4734153e3d3f2c67000816f4fbbe7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:28 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
218
vary
Accept-Encoding
content-length
358
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
tlx.3lift.com/header/ 		19 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&tmax=3000
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-235-110.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
2fa2e44f6135affd9c2535d607b355c552d8bbfbfe21677ef9e6404529ba7eaa

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
55f189c2a48dc25d22646f07ac267925aa3972553f1eecd168dacca2c6a1ecd8

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		899 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
688b5398863481ec6ab98741317daab8a2f91f2701be460040447ed0f9ad8438

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		858 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
b9cdf1955f32bc8cf1fea73ffd06e28c90bc5cea8c706a2f59ffd596362cf523

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
fe5504b5b063b96ef7f940d8fe043a0950de4d9d4c4a5185156a11744ac6e57b

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		926 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
f3ba46ae5358220846af34df577b8aa0d1039eff018887336afe7b3d912ee88b

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		912 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
b6f16f6713b6b925412d3a2f7c7d387194e7e2858a8307e9413b40322626d64f

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21742&site_id=298030&zone_id=1499626%3B1499644%3B1099828%3B1499650%3B1499648%3B1499612%3B1499614&size_id=2%3B15%3B2%3B15%3B15%3B9%3B9&alt_size_ids=57%3B%3B%3B10%3B10%3B8%2C10%3B8%2C10&eid_pubcid.org=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&tg_i.area=news&tg_i.pbadslot=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cbillboard%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_20%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cleader_wide%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_10%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_top%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_left_top%3B424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_right_top&tk_flint=pbjs_lite_v4.43.4&x_source.tid=6adad415-5279-4e32-ab1c-79c74d7db15c%3Bd260bff2-5a78-4ca3-bf67-72ce41904a89%3Bfc56d6df-fd5d-4fae-b002-1d6aab698371%3B0e8d063c-f883-4591-a610-e88348bed51a%3B4eae3901-7bd0-4b40-9bb2-33736e71e059%3B445feb9d-5cc5-44c5-959c-a441b1fe0533%3B631c41a0-1a15-4dc5-beca-8fb904cede74&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=7&rand=0.9529138912034125
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
33bcc6b68d113156168625b10940aef2bf1569115d9415a55d033c15fc2b3f30

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
413
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_puff_10&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ae959d07963fa22f3e56a62d7045f26077e339704b33b6561dd6ff57255d9bd8

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_billboard&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0e123b30fd820eead779ec31fc1c3b5ba026cd84700ca4764f4df00ad0916d10

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_puff_20&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4f128b41820e2e205ec11d9f5a8d6f6d03116ff73b2e6f5545857adef82b5ef5

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_top&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
41a312eaa98adf2a8a5e40b7447e9658775067db2cfa9883a7c0af6cae777181

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_sky_left_top&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
57be1d8816e35c22a3c53f2f1af7f6d014f741b5453b44c6d2ab14d074631517

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_sky_right_top&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f94d8cd7a7abc0b44ff24295c7ff072e04cf411bc0429b338797be3d1209de15

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
content-length
62
bid
krk.kargo.com/api/v2/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%226f3576f2-1e80-465e-93d9-aa6b4f82a428%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A3000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1647594749075%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22848a1b9680e34f1%22%3A%22_teERjYwBsT%22%2C%22859ceec41b9f154%22%3A%22_krVERnTRLY%22%2C%2286fc035dd5ec082%22%3A%22_gWgBeHNZjP%22%2C%2287d092ad60fe09c%22%3A%22_gWgBeHNZjP%22%2C%2288dcea01e0f7ce5%22%3A%22_lZhNpOu1Wd%22%7D%2C%22bidSizes%22%3A%7B%22848a1b9680e34f1%22%3A%5B%5B300%2C250%5D%5D%2C%22859ceec41b9f154%22%3A%5B%5B300%2C250%5D%5D%2C%2286fc035dd5ec082%22%3A%5B%5B300%2C250%5D%5D%2C%2287d092ad60fe09c%22%3A%5B%5B300%2C250%5D%5D%2C%2288dcea01e0f7ce5%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_teERjYwBsT%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22crumbs%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pbadslot%22%3A%22424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_left_top%22%7D%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22sky_left_top%22%2C%22transactionId%22%3A%225993a10e-c537-4a91-9bea-ec5957120cd6%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%22848a1b9680e34f1%22%2C%22bidderRequestId%22%3A%22831b3a908e7c61a%22%2C%22auctionId%22%3A%22e57651f5-b247-428c-8bfd-138c34c69a95%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A11%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_krVERnTRLY%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22crumbs%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pbadslot%22%3A%22424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_right_top%22%7D%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22sky_right_top%22%2C%22transactionId%22%3A%22e90b8c17-a245-46af-87ad-7eda590cc4cd%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%22859ceec41b9f154%22%2C%22bidderRequestId%22%3A%22831b3a908e7c61a%22%2C%22auctionId%22%3A%22e57651f5-b247-428c-8bfd-138c34c69a95%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A11%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_gWgBeHNZjP%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22crumbs%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pbadslot%22%3A%22424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_top%22%7D%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22mpu_top%22%2C%22transactionId%22%3A%22b3618f96-bbb9-4f64-a212-4c7c639f7ff8%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2286fc035dd5ec082%22%2C%22bidderRequestId%22%3A%22831b3a908e7c61a%22%2C%22auctionId%22%3A%22e57651f5-b247-428c-8bfd-138c34c69a95%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A4%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_gWgBeHNZjP%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22crumbs%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pbadslot%22%3A%22424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_10%22%7D%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22mpu_puff_10%22%2C%22transactionId%22%3A%22a2efe1fe-7a9e-4406-911f-84f251c32c68%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2287d092ad60fe09c%22%2C%22bidderRequestId%22%3A%22831b3a908e7c61a%22%2C%22auctionId%22%3A%22e57651f5-b247-428c-8bfd-138c34c69a95%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A4%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lZhNpOu1Wd%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22crumbs%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pbadslot%22%3A%22424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cbillboard%22%7D%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22billboard%22%2C%22transactionId%22%3A%226adad415-5279-4e32-ab1c-79c74d7db15c%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%2C%22bidId%22%3A%2288dcea01e0f7ce5%22%2C%22bidderRequestId%22%3A%22831b3a908e7c61a%22%2C%22auctionId%22%3A%22e57651f5-b247-428c-8bfd-138c34c69a95%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A4%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.63.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-63-26.compute-1.amazonaws.com
Software
/
Resource Hash
f442712c9ac7577e33190ddb4b3644e630e707d3efa55587bfcf66768b9ebb3c

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
transfer-encoding
chunked
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
bid-request
a.teads.tv/hb/ 		16 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.160.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 18 Mar 2022 09:12:29 GMT
hb
ssc.33across.com/api/v1/ 		118 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=a0rT0o88Cr64kKaKjGFx_2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f8bba065e4aafcebfff1cad3622e0a079704f611574c88c14ffa71d91f46269f

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		118 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cSmLMW88Cr64fWaKlKyvbs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3eac564b5174dea9e1b58c67189931a8c6e75bf045f3357ef442fab90390963e

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		22 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dU5aOA88Cr64fWaKlKyvbs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b23d6c5e4a6275efcb52f8d4361a68d1b71aa611f39f63505abf44a982fa9b83

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		118 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=acKPZE88Gr64fWaKlKyvbs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
dfb534536ff59e48c6c68ea5a728ff903e838e70f98a02115e90bb91d8fcd8fc

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dYVe4I88Cr64fWaKlKyvbs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e2b83da8b872008b62f01fe81857399c901af35cd51fa10b0e7dc9a0e24d33da

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		32 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aw6jbo88Gr64fWaKlKyvbs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
01df9bb89d103d50b21c0170f3653236c35935b7afcf69b284aedc2f82875a69

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		28 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azW6xS88Gr64fWaKlKyvbs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d4396aa802dbd86e837619e869f865ec943142b5506de5d5b3a23cb92c82e95a

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c8b5704d9d69c1de12cc51974a0c6d684a99444a6cdfa8162b51f3e2c8fe32c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:29 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
12e67ef9-1c41-4c12-9fe0-f46f34ee9609
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
mailonline-us-d.openx.net/w/1.0/ 		174 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-us-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6adad415-5279-4e32-ab1c-79c74d7db15c%2Cd260bff2-5a78-4ca3-bf67-72ce41904a89%2Cf9112451-da86-4031-b4db-9602adcc271e%2C84455d0a-fcb9-4a30-be5f-3f1de6c8d6ea%2C549f2976-6077-4e79-8c85-b2b581daa596%2Cf26802d1-c559-48fb-9291-59d8d8f4561c&nocache=1647594749089&pubcid=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f&aus=970x250%2C728x90%7C300x250%7C160x600%2C120x600%7C160x600%2C120x600%7C300x250%2C300x600%7C300x250%2C300x600&divids=billboard%2Cmpu_puff_20%2Csky_left_top%2Csky_right_top%2Cmpu_puff_10%2Cmpu_top&aucs=424397508%252Cdailymail.uk%252Cdm_dmnews_newsart%252Cbillboard%2C424397508%252Cdailymail.uk%252Cdm_dmnews_newsart%252Cmpu_puff_20%2C424397508%252Cdailymail.uk%252Cdm_dmnews_newsart%252Csky_left_top%2C424397508%252Cdailymail.uk%252Cdm_dmnews_newsart%252Csky_right_top%2C424397508%252Cdailymail.uk%252Cdm_dmnews_newsart%252Cmpu_puff_10%2C424397508%252Cdailymail.uk%252Cdm_dmnews_newsart%252Cmpu_top&auid=540406070%2C540406085%2C540406092%2C540406093%2C540406084%2C540406071
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
2e8744404786783123badc9c0563e846b519431097c49e3b5ee6506576c92cab

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=357211&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221200e04436a4db6a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221214be53d2194ec9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22357211%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221227dd9bc7071c1b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547869%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22123882b2f7c2f6a5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547869%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22124f7366c05890ba%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547871%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22125ffb0b3015b9f9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547871%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22126824999159e84d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547864%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22127404c987b6b196%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547864%22%2C%22sid%22%3A%22900x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221289e75e2b8e1058%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547864%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212921ca19ffe618%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547873%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221301d0e4d4563d3a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547873%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22131925ad15d3d37%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547875%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22132aeeb96437e9ba%22%2C%22ext%22%3A%7B%22siteID%22%3A%22547875%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b8219662c2fd953b71f4f81d7369361c5042a472b246ef7a6da9c9b6418e8337

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
x-ak-initial-geo
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.42], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
31
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
31
expires
Fri, 18 Mar 2022 09:12:29 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3151125353826941&correlator=761933701125407&eid=31065690%2C44759850&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=424397508%2Cdm.dailymailtvhouse&enc_prev_ius=%2F0%2F1&prev_iu_szs=638x92&ifi=1&adks=712872917&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=pos%3Dpara_top&eri=4&cust_params=article%3D2187999%26environment%3Dproduction%26country%3Dus&sc=1&cookie_enabled=1&cdm=www.dailymail.co.uk&abxe=1&dt=1647594749134&dlt=1647594747351&idt=1099&biw=1600&bih=1200&adxs=318&adys=928&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=www.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=636x1&msz=638x1&fws=0&ohw=0&ga_vid=1144404248.1647594748&ga_sid=1647594749&ga_hid=361407818&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
fc8caa1d43b21beddb1746ab7083d245520ff6ffdbf773b5e166dfb68ee37a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9542
x-xss-protection
0
google-lineitem-id
4673068018
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138322672366
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E805 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:12:29 GMT
expires
Sat, 18 Mar 2023 09:12:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.js
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-paywall-client/1.3.2/ 		87 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-paywall-client/1.3.2/index.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/desktop.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
958889b8dab6ef56706d5305de9b7cfe54f6a76ad18e9b4ea719da108d897b45

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 09:48:49 GMT
server
AkamaiNetStorage
etag
"60708e8b60087ef31175364a67a1c32b:1643104129.74751"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
24223
expires
Sun, 17 Apr 2022 09:12:29 GMT
products
fff.dailymail.co.uk/ 		2 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fff.dailymail.co.uk/products?articleId=2187999&geo=us
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.7.0/scripts/fff.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
x-rs-ops
fff2-fe:8180
date
Fri, 18 Mar 2022 09:12:29 GMT
content-length
2
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/appnexusprebidserver/?gdpr=&euconsent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dbrightroll%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=&gdpr_consent=&uid=y-YMXV2ENE2pGgXba1nwTkR_YLUUAGPYkBJs7Ro8Uja4zTsWnXnD7BXE8-~A
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=&gdpr_consent=&uid=y-YMXV2ENE2pGgXba1nwTkR_YLUUAGPYkBJs7Ro8Uja4zTsWnXnD7BXE8-~A
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f9f97f12-8077-4f50-972b-3d038c5b3756
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=&gdpr_consent=&uid=y-YMXV2ENE2pGgXba1nwTkR_YLUUAGPYkBJs7Ro8Uja4zTsWnXnD7BXE8-~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
setABframe.js
www.newzit.com/static/2.0.2/ Frame F974 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newzit.com/static/2.0.2/setABframe.js
Requested by
Host: www.newzit.com
URL: https://www.newzit.com/setABframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee22 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
6f06e5942c215b579081fb9f4b6bd6a255521317b8867235a896ae17aaab796b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.newzit.com/setABframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
br
last-modified
Wed, 23 Feb 2022 10:38:59 GMT
server
Akamai Resource Optimizer
etag
"8d37bc3233e081e3d26dcbbfd2b019ea:1645612124.862122"
content-type
application/x-javascript
cache-control
max-age=604769
accept-ranges
bytes
content-length
1065
expires
Fri, 25 Mar 2022 09:11:58 GMT
6f9bf1eb-a85e-4b4b-a87f-218899e3a341
crb.kargo.com/api/v1/initsync/ Frame 5AB0 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsync/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Requested by
Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
4b9dd54a4e137d4d0cba2f4734ddaed2457d3a3efd6309b32570021d29376860

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Mar 2022 09:12:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Content-Length
568
Connection
keep-alive
sync-success
klkstrm.kargo.com/event/ 		11 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://klkstrm.kargo.com/event/sync-success
Requested by
Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.131.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-131-185.compute-1.amazonaws.com
Software
/
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Date
Fri, 18 Mar 2022 09:12:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
11
Content-Type
application/json
polyfill.min.js
cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/ Frame B268 		153 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/polyfill.min.js
Requested by
Host: cmp.dmgmediaprivacy.co.uk
URL: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/html/iframe.html?mol.ads.cmp.log.level=off&mol.geo.country=US&mol.geo.region=IL&mol.ads.cmp.channel=news
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
406b5e9637f14be575feb40ea562ad87cd743bd4ae02c72d83ef630f065733ab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/html/iframe.html?mol.ads.cmp.log.level=off&mol.geo.country=US&mol.geo.region=IL&mol.ads.cmp.channel=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 14:06:00 GMT
server
AkamaiNetStorage
etag
"29de7c303b452ded5a3891c89719fd72:1634306824.160997"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=77304
accept-ranges
bytes
expires
Sat, 19 Mar 2022 06:40:53 GMT
mol-ads-cmp.min.js
cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/ Frame B268 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/mol-ads-cmp.min.js
Requested by
Host: cmp.dmgmediaprivacy.co.uk
URL: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/html/iframe.html?mol.ads.cmp.log.level=off&mol.geo.country=US&mol.geo.region=IL&mol.ads.cmp.channel=news
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
57b68f466e854cd12966ac873b76a727581137640b76062cd8d8abcaef327d4c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/html/iframe.html?mol.ads.cmp.log.level=off&mol.geo.country=US&mol.geo.region=IL&mol.ads.cmp.channel=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 14:05:58 GMT
server
AkamaiNetStorage
etag
"19c98ce6dc1e0baa0158012b7884ca9e:1634306822.26509"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=79591
accept-ranges
bytes
content-length
27528
expires
Sat, 19 Mar 2022 07:19:00 GMT
/
id.sv.rkdms.com/identity/ 		66 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=DAILYMAIL&sv_domain=www.dailymail.co.uk
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184669-186298276891027.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.37.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-37-25.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
9c58a3f0e6eb1f893f9d2a1c0df6015a3dda7219bf31c96cfdd2044396ca6ced

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:29 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
66
vary
Origin
content-type
application/json
rid
match.adsrvr.org/track/ 		109 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184669&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184669-186298276891027.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
dd122abb503ca2ebedf09866537075bf3290e7f7b7562585a4da3d38c3b53cb2

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 17 Apr 2022 09:12:29 GMT
identity
api.rlcdn.com/api/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184669-186298276891027.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.19.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-19-115.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
cache-control
public, max-age=86400
last-modified
Thu, 17 Mar 2022 06:11:39 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 09:40:20 GMT
content-encoding
gzip
age
257529
x-guploader-uploadid
ADPycdtB7ppzsE7Kvtw3yaCr8M9mT0RcXU4rd0Ta9KzgOiurCyq9JNG_3Tamn5LlmjBc-UDXw0emzZzMQVOcLlmwyZY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 15 Mar 2023 09:40:20 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
date
Fri, 18 Mar 2022 08:37:03 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
bhs
content-disposition
attachment;filename="esp.js"
accept-ranges
bytes
content-length
11458
x-request-id
1769754
googleESP.js
js-sec.casalemedia.com/um/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/googleESP.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ce5d3d6ec0557a963ab2bb4df4d2bf46282b75db6493c955b77255a8396630c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 19:23:40 GMT
Server
Apache
ETag
"e20064-9e5-5d8279649fb38"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
1174
publishertag.ids.js
static.criteo.net/js/ld/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
7a640181766a1a023594158f7294cf5d25263ee90a3194e8c8d15b17fb7cccca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:26 GMT
server
nginx
etag
W/"6226c292-8c91"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:29 GMT
container.html
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7029 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:12:29 GMT
expires
Sat, 18 Mar 2023 09:12:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=fc90bebe-df0f-4783-9136-4dadff05fcca
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=fc90bebe-df0f-4783-9136-4dadff05fcca&u=869b04fa-ec24-4695-beb4-53b261fa91cf
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEFHalaYu0qYsUvzNQ5KVB5U&error=&type=ddp&k=fc90bebe-df0f-4783-9136-4dadff05fcca&u=869b04fa-ec24-4695-beb4-53b261fa91cf&google_cver=1
35 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEFHalaYu0qYsUvzNQ5KVB5U&error=&type=ddp&k=fc90bebe-df0f-4783-9136-4dadff05fcca&u=869b04fa-ec24-4695-beb4-53b261fa91cf&google_cver=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEFHalaYu0qYsUvzNQ5KVB5U&error=&type=ddp&k=fc90bebe-df0f-4783-9136-4dadff05fcca&u=869b04fa-ec24-4695-beb4-53b261fa91cf&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 5AB0
Redirect Chain
  • https://idsync.rlcdn.com/463146.gif?partner_uid=4fb1b838-50eb-beb2-fc23-7e189ad55028
  • https://idsync.rlcdn.com/1000.gif?memo=CKqiHBIwCiwIARD0-gEaJDRmYjFiODM4LTUwZWItYmViMi1mYzIzLTdlMTg5YWQ1NTAyOBAAGg0I_ZnRkQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=444409272da3f4da47b750e452f5ea7a3ddff044ef23a1a1085902591128ec82791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0NDQ0MDkyNzJkYTNmNGRhNDdiNzUwZTQ1MmY1ZWE3YTNkZGZmMDQ0ZWYyM2ExYTEwODU5MDI1OTExMjhlYzgyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0NDQ0MDkyNzJkYTNmNGRhNDdiNzUwZTQ1MmY1ZWE3YTNkZGZmMDQ0ZWYyM2ExYTEwODU5MDI1OTExMjhlYzgyNzkxNDI2YjU0MTdkY2UyMRAAGgwI_ZnRkQYSBAgCEABCAEoA&goog...
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Protocol
H2
Server
3.217.244.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-244-219.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1647594750
x-served-by
beacon-n032-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
date
Fri, 18 Mar 2022 09:12:30 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a003-ash-prod.krxd.net
4fb1b838-50eb-beb2-fc23-7e189ad55028
crb.kargo.com/api/v1/sync/Tapad/ Frame 5AB0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2781&partner_device_id=4fb1b838-50eb-beb2-fc23-7e189ad55028&partner_url=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FTapad%2F4fb1b838-50eb-be...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2781&partner_device_id=4fb1b838-50eb-beb2-fc23-7e189ad55028&partner_url=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FTapad%2F4fb1b838-5...
  • https://crb.kargo.com/api/v1/sync/Tapad/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4&gdpr=0&gdpr_consent=&us_privacy=&exid=af231e30-3711-4eea-abed-7905c7506b1d
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/sync/Tapad/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4&gdpr=0&gdpr_consent=&us_privacy=&exid=af231e30-3711-4eea-abed-7905c7506b1d
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://crb.kargo.com/api/v1/sync/Tapad/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4&gdpr=0&gdpr_consent=&us_privacy=&exid=af231e30-3711-4eea-abed-7905c7506b1d
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
ttd
crb.kargo.com/api/v1/sync/ Frame 5AB0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=3wvez9v&ttd_tpi=1&ttd_puid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028
  • https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=f67a371d-f285-4ca2-be6f-f2af79502cb4&cbid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=f67a371d-f285-4ca2-be6f-f2af79502cb4&cbid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=f67a371d-f285-4ca2-be6f-f2af79502cb4&cbid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
363
4fb1b838-50eb-beb2-fc23-7e189ad55028
crb.kargo.com/api/v1/sync/mediamath/ Frame 5AB0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=65&redir=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2Fmediamath%2F4fb1b838-50eb-beb2-fc23-7e189ad55028%3Frid%3Ddc9f4590-7bca-4faf-a635-dfc4b1d024e4%26gd...
  • https://crb.kargo.com/api/v1/sync/mediamath/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4&gdpr=0&gdpr_consent=&us_privacy=&exid=a41e6234-4cfd-4600-9afd-9c92d96c3201
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/sync/mediamath/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4&gdpr=0&gdpr_consent=&us_privacy=&exid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Fri, 18 Mar 2022 09:12:29 GMT
Server
MT3 4256 109297d master ord-pixel-x48 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://crb.kargo.com/api/v1/sync/mediamath/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=dc9f4590-7bca-4faf-a635-dfc4b1d024e4&gdpr=0&gdpr_consent=&us_privacy=&exid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:28 GMT
DBM
crb.kargo.com/api/v1/dsync/ Frame 5AB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=kargo_dbm&google_cm&google_sc&google_dbm&gdpr=0&gdpr_consent=&us_privacy=&krgids=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028
  • https://crb.kargo.com/api/v1/dsync/DBM?exid=CAESEKoSd70A_ddBqFqGOtNUctA&gdpr=0&gdpr_consent=&krgids=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028&google_cver=1
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/DBM?exid=CAESEKoSd70A_ddBqFqGOtNUctA&gdpr=0&gdpr_consent=&krgids=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028&google_cver=1
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://crb.kargo.com/api/v1/dsync/DBM?exid=CAESEKoSd70A_ddBqFqGOtNUctA&gdpr=0&gdpr_consent=&krgids=dc9f4590-7bca-4faf-a635-dfc4b1d024e4_4fb1b838-50eb-beb2-fc23-7e189ad55028&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
400
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv360_cb
crb.kargo.com/api/v1/ Frame 5AB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=kargo_dbm&google_hm=NGZiMWI4MzgtNTBlYi1iZWIyLWZjMjMtN2UxODlhZDU1MDI4&gdpr=0&gdpr_consent=&us_privacy=
  • https://crb.kargo.com/api/v1/dv360_cb?gdpr=0&gdpr_consent=
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dv360_cb?gdpr=0&gdpr_consent=
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://crb.kargo.com/api/v1/dv360_cb?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
259
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
headerstats
as-sec.casalemedia.com/ 		0
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=294674&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184669-186298276891027.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
X-AK-INITIAL-GEO
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.42], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-CS-CLIENT-GEO
31
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
31
Expires
Fri, 18 Mar 2022 09:12:30 GMT
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&uid=7c645530-439f-430f-be08-f3bda86d545b
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&uid=7c645530-439f-430f-be08-f3bda86d545b
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cab2f10f-81b6-4580-989d-dd5cb82f3f90
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Location
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&uid=7c645530-439f-430f-be08-f3bda86d545b
Date
Fri, 18 Mar 2022 09:12:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7029 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 11:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 11:11:47 GMT
16882704431528091271
tpc.googlesyndication.com/simgad/ Frame 7029 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16882704431528091271?
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d92c3b28a7a520fc0acd744ce76abd78d7d2b6ca75e278eb45569314a741822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 04:32:52 GMT
x-content-type-options
nosniff
age
103177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76498
x-xss-protection
0
last-modified
Fri, 04 Sep 2020 19:58:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 04:32:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7029 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:29 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame 7029 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59318
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
increment
id5-sync.com/api/esp/ 		0
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.234 , France, ASN16276 (OVH, FR),
Reverse DNS
p36.id5-sync.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Date
Fri, 18 Mar 2022 09:12:29 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
cookieSync.html
js-sec.casalemedia.com/um/ Frame 6AE2 		130 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/cookieSync.html
Requested by
Host: js-sec.casalemedia.com
URL: https://js-sec.casalemedia.com/um/googleESP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7153244bfcbed22ffba812a6f631894dbed03a60e0748e1e8d3ef495e900fb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Thu, 22 Oct 2020 14:12:07 GMT
ETag
"e200fb-82-5b2430c98a4bb"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
113
Date
Fri, 18 Mar 2022 09:12:29 GMT
Connection
keep-alive
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=26427592&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26427592%26t%3D1
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26427592%26t%3D1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
41fee7ab-04e1-40a1-ae9e-70270cdd9824
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa0ff012-2081-40f2-88a7-17a5951792d2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26427592%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=26762887&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26762887%26t%3D1
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26762887%26t%3D1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
00e1c170-68ab-45a3-a0cb-ee036cdc69e2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
75d934f7-7eb6-44cd-ba98-7f3f380f96c3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26762887%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fdpid%3D267%26segid%3D10277
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fdpid%3D267%26segid%3D10277&rdf=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=267&segid=10277
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=267&segid=10277
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location
https://aud.pubmatic.com/AdServer/Artemis?dpid=267&segid=10277
date
Fri, 18 Mar 2022 09:12:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
cta-component.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-us/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e574a4509ea71b73a287354425c44b7fbf927c14ae8a35d1c048f493daca70cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
5n9urAx6qUoiI0GIw2I.1Ao73U81AtZh
content-encoding
gzip
etag
"553ecfb9d9b283e6e10ef1b97c8daf41"
age
66
x-cache
HIT
x-amz-replication-status
FAILED
content-length
5022
x-amz-id-2
9JT13KQZ6P1e068zcr8parSUjZwQu29vrp3hgkhy9bj9CrE/TyFCtqmX8Dk1A83q8reSaSM6WEo=
x-served-by
cache-ewr18169-EWR
last-modified
Thu, 10 Mar 2022 20:01:38 GMT
server
AmazonS3
x-timer
S1647594750.628807,VS0,VE1
date
Fri, 18 Mar 2022 09:12:29 GMT
vary
Accept-Encoding
x-amz-request-id
KVN94WCY95Q8BC44
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
30
x-cache-hits
1
tb
15.taboola.com/ 		32 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=dailymail-us&unitType=226&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails%202nd&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&encoded=1&uid=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&variant=544384|550&callback=TRC.videoTagCallbacks.videoCallback1&cb=1647594749626&tagid=&cntry=US&platform=1&sesid=9c6836594cef2942d1cf0d184ab37db3&itemid=/news/article-2187999/will-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&viewid=1647594748161&geolat=&geoing=&deviceifa=&appid=&sd=v2_9c6836594cef2942d1cf0d184ab37db3_efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c_1647594748_1647594748_CNawjgYQ-ow9GIHysuL5LyABKAEw4QE4kaQOQIzbDkixy9kDUI8EWABgAGjb_5X0ga2ul6YBcAA&ri=b5c1684caac6e9a499e3ae328d5eb638&appname=&cdb=&gdprApplies=true&rid=&sii=3348883001482854866&oee=true&tpubid=1001082&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=IN&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1001079&prcnt=&layer=&normp=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d3c6cbad68f6797801a955c744aee62f30668da281d0d1df25c4852f6a8504bb

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
access-control-allow-origin
https://www.dailymail.co.uk
machineid
1178
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-ewr18169-EWR
pragma
no-cache
server
nginx
x-timer
S1647594750.645664,VS0,VE12
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-us/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f920bc11ab1f6018e6895b6863e3a8666650ba33a5685ee2af753e63d82c80c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
o7l2Mw9Id21q_gcS8Zy9gEScJnT0VI7d
content-encoding
gzip
etag
"41c79f6b04c00e88a8a05a400f26c79e"
age
74
x-cache
HIT
x-amz-replication-status
FAILED
content-length
5450
x-amz-id-2
1miyfui7UU0X/qOB5mD1u6qE9nCUCW2fstKlR73zET2yjt2NixMzGX2hL5zf7sGqDhUYAukpwXI=
x-served-by
cache-ewr18169-EWR
last-modified
Thu, 10 Mar 2022 20:02:29 GMT
server
AmazonS3
x-timer
S1647594750.637584,VS0,VE1
date
Fri, 18 Mar 2022 09:12:29 GMT
vary
Accept-Encoding
x-amz-request-id
54XNCAS96XNE90PR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
30
x-cache-hits
1
tb
15.taboola.com/ 		38 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=dailymail-us&unitType=244&tbloc=&pageType=text&pstn=Desktop-Wide&uuip=Feed%20-%20desktop-Desktop-Wide&cisrf=&cirf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&encoded=1&uid=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&variant=544384|550&callback=TRC.videoTagCallbacks.videoCallback2&cb=1647594749629&tagid=&cntry=US&platform=1&sesid=9c6836594cef2942d1cf0d184ab37db3&itemid=/news/article-2187999/will-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&viewid=1647594748161&geolat=&geoing=&deviceifa=&appid=&sd=v2_9c6836594cef2942d1cf0d184ab37db3_efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c_1647594748_1647594748_CNawjgYQ-ow9GIHysuL5LyABKAEw4QE4kaQOQIzbDkixy9kDUI8EWABgAGjb_5X0ga2ul6YBcAA&ri=6edd69d1c175a579653c3f2a2b70db7f&appname=&cdb=&gdprApplies=true&rid=&sii=3348883001482854866&oee=true&tpubid=1001082&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=IN&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1001079&prcnt=&layer=&normp=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a647e66154e2d094d529946ffa2b1075321351bfc67230948d13b0aaa68f019

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
access-control-allow-origin
https://www.dailymail.co.uk
machineid
1820
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-ewr18169-EWR
pragma
no-cache
server
nginx
x-timer
S1647594750.645570,VS0,VE31
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://ch-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-us/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a80c7226cac798d29857924600ed11dbfbbc6240a3614e9a0a44398ed6125bc0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
ORPOUpjPm.sIT36azfAlKuXZEtrooXwq
content-encoding
gzip
etag
"26b6beca674d870ce73261d75a528536"
age
85
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1311
x-amz-id-2
d3vg1pvFsuLB3Wwlx8q9CUZP/2JUKk8F+6z1fMOMM9ltzhaJh7EBGLXZMd1Sl+ZO0xQ7S8g/24c=
x-served-by
cache-ewr18169-EWR
last-modified
Thu, 10 Mar 2022 20:01:47 GMT
server
AmazonS3
x-timer
S1647594750.642877,VS0,VE1
date
Fri, 18 Mar 2022 09:12:29 GMT
vary
Accept-Encoding
x-amz-request-id
A4EB5RQYC7F92J6T
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
30
x-cache-hits
1
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
22
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
6DR5OpkPW+aNX8H+P46rX2Gv0B0bOjxkOnmn5vz5UUGQ+DvkYmHvCy/kWsGT7FsdjVbr/kkGaKY=
x-served-by
cache-ewr18169-EWR
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1647594750.645378,VS0,VE0
date
Fri, 18 Mar 2022 09:12:29 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
VW6NQKYAKYYMJNBV
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
30
x-cache-hits
5
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
etag
"11d8569a7da0739259e3ac0b0d666e94"
age
99
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
4PCOlxcnTCoX1Jeksvoa5ZISBrfcz+QFce5WsRF8yd5ofFNp7k8piRvmjJWX7B+vRK4b+SxOJJU=
x-served-by
cache-ewr18169-EWR
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1647594750.652040,VS0,VE0
date
Fri, 18 Mar 2022 09:12:29 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
KN1HK4BN9J8MP2ZE
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
30
x-cache-hits
16
publisher-purposes-list.json
cmp.dmgmediaprivacy.co.uk/data/v1/ Frame B268 		354 B
558 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/data/v1/publisher-purposes-list.json
Requested by
Host: cmp.dmgmediaprivacy.co.uk
URL: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/mol-ads-cmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5df0f247da77359540280c424cd0e7167941a3824cac7828ffabc4a2997cd887

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/html/iframe.html?mol.ads.cmp.log.level=off&mol.geo.country=US&mol.geo.region=IL&mol.ads.cmp.channel=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
last-modified
Wed, 16 May 2018 09:27:00 GMT
server
AkamaiNetStorage
etag
"d2998c4f37cfd1dfc00f7df8bc14de66:1536323600.231037"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=924
accept-ranges
bytes
content-length
354
expires
Fri, 18 Mar 2022 09:27:53 GMT
vendor-list.json
cmp.dmgmediaprivacy.co.uk/data/v6/ Frame B268 		92 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/data/v6/vendor-list.json
Requested by
Host: cmp.dmgmediaprivacy.co.uk
URL: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/mol-ads-cmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0f426a5054718834a6399eaee2a5f7e0d8b43cdc1a4e13a12b298738cd5e2736

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/html/iframe.html?mol.ads.cmp.log.level=off&mol.geo.country=US&mol.geo.region=IL&mol.ads.cmp.channel=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
last-modified
Tue, 24 Sep 2019 16:23:26 GMT
server
AkamaiNetStorage
etag
"dc279545bd28fa4b726f74201aa8a541:1569342207.603055"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
10882
expires
Sat, 19 Mar 2022 09:12:29 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		247 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d395da193c774bf8f1d5c5c88f0f8730349624b7ce23f0349c655a55afcb474c

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.203.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
247
Expires
0
mvo
tag.1rx.io/rmp/231229/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/231229/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
fastlane.json
fastlane.rubiconproject.com/a/api/ 		322 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9929&site_id=124372&zone_id=1694218&size_id=15&eid_pubcid.org=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&tg_i.area=news&tg_i.pbadslot=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_left&tk_flint=pbjs_lite_v4.43.4&x_source.tid=7bf18f20-f479-4f43-a81d-f75f3aaffa1a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6930681660102131
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1d484c6345aab392ed9ff9198dc239eb98e4ec20c43775ede237dda1c453578c

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
322
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_left&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8a73d5844ba7e2c3ec26b5a7073fbbeaed4bbc397c1df04e697760b1285e44d4

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		30 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dfkcXG88Cr64fWaKlKyvbs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b8504cb69179317d32a031c3e575e1ff2e3be593a2d19ce9b0acc8ac9eb63aa8

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ac85666141502ba702cf8e8966e80505724bf05d1e7be43ce9b6c4ccad2fe0f6

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&tmax=3000
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-235-110.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503194&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22158f68da9294867d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f67a371d-f285-4ca2-be6f-f2af79502cb4%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-03-18T09%3A12%3A29%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2215976b4f05bcf68c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503194%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
62548b4071330f498b198ea0713c08f1cc8dfe1b77281a74c87822b51d29078d

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
x-ak-initial-geo
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.42], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
31
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
31
expires
Fri, 18 Mar 2022 09:12:29 GMT
v1
prg.smartadserver.com/prebid/ 		862 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
73b52766bd9e4d53e44df444b6238ac524e5a0111196b942e7c5f0f944fb7775

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:28 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
arj
mailonline-us-d.openx.net/w/1.0/ 		173 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-us-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7bf18f20-f479-4f43-a81d-f75f3aaffa1a&nocache=1647594749702&pubcid=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f&aus=300x250&divids=mpu_left&aucs=424397508%252Cdailymail.uk%252Cdm_dmnews_newsart%252Cmpu_left&auid=541075936
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
f78110796621bc6c8af2e0ac0632dafc23d8ea2009248c39fb1b993b3a01c180

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=3545195629
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
bid
krk.kargo.com/api/v2/ 		2 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%226f3576f2-1e80-465e-93d9-aa6b4f82a428%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A3000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1647594749704%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%221674f9ad7989527a%22%3A%22_oCjfhrHjAA%22%7D%2C%22bidSizes%22%3A%7B%221674f9ad7989527a%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_oCjfhrHjAA%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22crumbs%22%3A%7B%22pubcid%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pbadslot%22%3A%22424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_left%22%7D%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22mpu_left%22%2C%22transactionId%22%3A%227bf18f20-f479-4f43-a81d-f75f3aaffa1a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%221674f9ad7989527a%22%2C%22bidderRequestId%22%3A%22166d2696f93fc927%22%2C%22auctionId%22%3A%22752f6b19-893e-4096-9a20-1a474f29d8d1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22clientID%22%3A%226f9bf1eb-a85e-4b4b-a87f-218899e3a341%22%2C%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%2C%22rawCRB%22%3A%22%257B%2522v%2522%253A%2522eyJjbGllbnRJZCI6IjZmOWJmMWViLWE4NWUtNGI0Yi1hODdmLTIxODg5OWUzYTM0MSIsImxleElkIjpudWxsLCJzZWdtZW50cyI6W10sInN5bmNJZHMiOnt9LCJrdGNJZCI6bnVsbCwiZXhwaXJlVGltZSI6MTY0NzY4MTE0OTI2NSwibGFzdFN5bmNlZEF0IjpudWxsLCJwYWdlVmlld0lkIjoiIn0%253D%2522%257D%22%2C%22rawCRBLocalStorage%22%3A%22eyJjbGllbnRJZCI6IjZmOWJmMWViLWE4NWUtNGI0Yi1hODdmLTIxODg5OWUzYTM0MSIsImxleElkIjpudWxsLCJzZWdtZW50cyI6W10sInN5bmNJZHMiOnt9LCJrdGNJZCI6bnVsbCwiZXhwaXJlVGltZSI6MTY0NzY4MTE0OTI2NSwibGFzdFN5bmNlZEF0IjpudWxsLCJwYWdlVmlld0lkIjoiIn0%3D%22%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.63.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-63-26.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
social
ch-trc-events.taboola.com/dailymail-us/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/dailymail-us/log/3/social?route=US:CH:V&lti=explore-more-header-ab-test_var&ri=b5c1684caac6e9a499e3ae328d5eb638&sd=v2_9c6836594cef2942d1cf0d184ab37db3_efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c_1647594748_1647594748_CNawjgYQ-ow9GIHysuL5LyABKAEw4QE4kaQOQIzbDkixy9kDUI8EWABgAGjb_5X0ga2ul6YBcAA&ui=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&pi=/news/article-2187999/will-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&wi=3348883001482854866&pt=text&vi=1647594748161&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Will%20%C2%A3148m%20EuroMillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20brother%20he%20has%20never...%22%2C%22sec%22%3A%22news%22%2C%22aut%22%3A%5B%22Emily%20Allen%22%2C%22Anthony%20Bond%22%2C%22Inderdeep%20Bains%22%5D%2C%22img%22%3A%22https%3A%2F%2Fi.dailymail.co.uk%2Fi%2Fpix%2Fscaled%2F2012%2F08%2F15%2Farticle-2187999-148CC637000005DC-780_308x185.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=09%3A12%3A29.717&id=564&llvl=2&cv=20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT&
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Islington, United Kingdom, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
syncframe
gum.criteo.com/ Frame 554B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2159
date
Fri, 18 Mar 2022 09:12:29 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
851dcc86-229c-4536-b1dd-2ac5aef31056_1000x600.jpeg
images.taboola.com/taboola/image/fetch/h_217,w_260,c_fill,g_xy_center,x_460,y_300/https%3A//console.brax-cdn.com/creatives/aa48e9ad-d1e5-4a88-962d-b2770fc5d7d1/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_217,w_260,c_fill,g_xy_center,x_460,y_300/https%3A//console.brax-cdn.com/creatives/aa48e9ad-d1e5-4a88-962d-b2770fc5d7d1/images/851dcc86-229c-4536-b1dd-2ac5aef31056_1000x600.jpeg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
add4f871b70e2e8324cd088a0dd6ee4ac58678135cec90155f02361bea14e33b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 varnish, 1.1 varnish
age
181244
edge-cache-tag
334566889442151329283183944806606290187,393004792930404533871344618034053687188,29ecf9b93bbf306179626feeda1fab70
cache-tag
334566889442151329283183944806606290187,393004792930404533871344618034053687188,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
141
expiration
expiry-date="Sun, 03 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_217,w_260,c_fill,g_xy_center,x_460,y_300/https%3A//console.brax-cdn.com/creatives/aa48e9ad-d1e5-4a88-962d-b2770fc5d7d1/images/851dcc86-229c-4536-b1dd-2ac5aef31056_1000x600.jpeg
content-length
20798
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 03 Mar 2022 12:32:30 GMT
server
nginx
x-timer
S1647594750.750372,VS0,VE0
etag
"85c622911fc5b808520cf597a07a2d0d"
x-served-by
cache-bwi5021-BWI, cache-iad-kcgs7200057-IAD, cache-ewr18169-EWR
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
1207b1a2c52906c41033253957fcf9bc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1207b1a2c52906c41033253957fcf9bc.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
03f751c8f1b04cd8553e3494d5dbc7b1b8ba18ec799f68cc3d4c669dc558a4ff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 varnish, 1.1 varnish
age
184252
edge-cache-tag
359523682821168750837290773565060122967,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
cache-tag
359523682821168750837290773565060122967,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
137
expiration
expiry-date="Thu, 14 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1207b1a2c52906c41033253957fcf9bc.jpg
content-length
9760
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 14 Mar 2022 20:25:28 GMT
server
nginx
x-timer
S1647594750.750505,VS0,VE0
etag
"06e8495e2f2cd55d267d5d51ad43b525"
x-served-by
cache-wdc5531-WDC, cache-iad-kiad7000155-IAD, cache-ewr18169-EWR
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
f92221defcb053a3ccfc50a40ed4ed11.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f92221defcb053a3ccfc50a40ed4ed11.jpeg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3a662d88f8c83e62e89b6866176972132ff80a56240f26898719954322dbeb6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 varnish, 1.1 varnish
age
215235
edge-cache-tag
504447638565794031566860797050771719582,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
cache-tag
504447638565794031566860797050771719582,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
34
expiration
expiry-date="Tue, 15 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f92221defcb053a3ccfc50a40ed4ed11.jpeg
content-length
6528
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sat, 12 Feb 2022 01:47:14 GMT
server
nginx
x-timer
S1647594750.750432,VS0,VE1
etag
"72699616f50faaa9cb8959615f09902c"
x-served-by
cache-wdc5530-WDC, cache-iad-kjyo7100025-IAD, cache-ewr18169-EWR
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		231 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fe5ffe12a888f717e07570cb53e4986dea0314ced36532affff1dcdb793bb9a4

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.203.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
231
Expires
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=MailOnline
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.0.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-0-170.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
234206
search.spotxchange.com/openrtb/2.3/dados/ 		0
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/234206?src_sys=prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.35.249.123 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:29 GMT
X-SpotX-Timing-Transform
0.000243
X-SpotX-Timing-SpotMarket
0.002276
X-SpotX-Timing-Page-Mux
0.000694
X-SpotX-Timing-Page-Require
0.000265
X-fe
335
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000001
X-SpotX-Timing-Page
0.005639
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000242
Last-Modified
Fri, 18 Mar 2022 09:12:29 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.002276
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-SpotX-Timing-Page-Misc
0.001908
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f14a76c50ce2f7118e33332d8280be8f2c017d2d91a2ca03eedbcf38b51dc5ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
106856f0-3a86-4d6f-a6cd-16ae75f92f65
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
13c963fa8c8844e497beb3358a55958f2eae9cf36e282afdfdc7186e07d39826

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=294677&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22180dab5ab2a9e315%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f67a371d-f285-4ca2-be6f-f2af79502cb4%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-03-18T09%3A12%3A29%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22181a7453c9e36e9%22%2C%22ext%22%3A%7B%22siteID%22%3A294677%2C%22sid%22%3A%22636x358%22%7D%2C%22video%22%3A%7B%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22playerSize%22%3A%5B%5B636%2C358%5D%5D%2C%22linearity%22%3A1%2C%22placement%22%3A1%2C%22w%22%3A636%2C%22h%22%3A358%7D%7D%5D%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cfa54313a6c6bf4bc8a8f4990402dd166bb91730484569a2d1ea29eb3711aba1

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
x-ak-initial-geo
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.42], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
31
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
31
expires
Fri, 18 Mar 2022 09:12:29 GMT
tag
m7hdh-2damu.ads.tremorhub.com/ad/
Redirect Chain
  • https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-s5m8k&playerWidth=636&playerHeight=358&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackp...
  • https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-s5m8k&playerWidth=636&playerHeight=358&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackp...
55 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-s5m8k&playerWidth=636&playerHeight=358&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=0a86fd6a-476f-4512-8513-0e5497e7fd70&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json&_tur=T
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
30b4bafcad28fef48298dc6044b213136d4839b4cc1447ac446a1f36430b3217

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8

Redirect headers

location
https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-s5m8k&playerWidth=636&playerHeight=358&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=0a86fd6a-476f-4512-8513-0e5497e7fd70&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json&_tur=T
date
Fri, 18 Mar 2022 09:12:29 GMT
access-control-allow-credentials
true
server
Apache-Coyote/1.1
access-control-allow-origin
https://www.dailymail.co.uk
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
avjp
mailonline-us-d.openx.net/v/1.0/ 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-us-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0a86fd6a-476f-4512-8513-0e5497e7fd70&nocache=1647594749737&pubcid=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A636%2C%22h%22%3A358%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22linearity%22%3A1%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%7D%7D%5D%7D&auid=540642982&vwd=636&vht=358&aucs=424397508%252Cdm.video%252Cdm_video_news%252Cpreroll
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 google
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/231254/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/231254/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
tlx.3lift.com/header/ 		19 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&tmax=4500
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-235-110.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=12023307994
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-153.compute-1.amazonaws.com
Software
/
Resource Hash
e97dbef694bb4cf366da8e3eefdd5d665ff77d0f497db71f4a8c70515264a06b

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-153.compute-1.amazonaws.com
Software
/
Resource Hash
8d99ab4effccb439edcd49ddb7d02aca002252cb065a63a9aee5ccbb46367dce

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
1207b1a2c52906c41033253957fcf9bc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1207b1a2c52906c41033253957fcf9bc.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b3ee9f691697efd6172f44a0e5db5bad1e4a5017186ca7df2bdc30aa28db703d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 varnish, 1.1 varnish
age
308128
edge-cache-tag
359523682821168750837290773565060122967,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
cache-tag
359523682821168750837290773565060122967,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1207b1a2c52906c41033253957fcf9bc.jpg
content-length
36150
x-request-id
06c289155323d0f893e4143a2a248389
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 14 Mar 2022 01:25:12 GMT
server
nginx
x-timer
S1647594750.757218,VS0,VE0
etag
"0aa424c836d1a10e72c72d3470910ca6"
x-served-by
cache-wdc5579-WDC, cache-iad-kjyo7100176-IAD, cache-ewr18169-EWR
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 5
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.6.9/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.6.9/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b4dd08942d096c41c42aeb1f36db7261f30841da30fedbfd19e77e87a0cfe55

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 b7ddb18a56b4bad68ca78b085e9ca450.cloudfront.net (CloudFront), 1.1 varnish
age
1369294
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
28832
x-served-by
cache-ewr18169-EWR
last-modified
Wed, 02 Mar 2022 12:50:08 GMT
server
AmazonS3
x-timer
S1647594750.794474,VS0,VE0
etag
"21fe8bfcdadd2e040a7cfd343b7e50c0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
jP6lyeajlNcuk3UPY-l7oiJXK2m7FQWRPpnCyft5E5W7TS5_a4rbew==
x-cache-hits
5434
img_61b91af85488e7.42723663_RwXI0GJ4Ghtwb8fYS1eQ8WxjHBdG5InDxZRWIMvyAQBcy8XeLn_7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/img_61b91af85488e7.42723663_RwXI0GJ4Ghtwb8fYS1eQ8WxjHBdG5InDxZRWIMvyAQBcy8XeLn_7.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
28c4165970bc2b9db87ca79a18b417a8315b69fee209d285e2c2df093bd56cfc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 varnish, 1.1 varnish
age
1204019
edge-cache-tag
554975078332710306173164131731056079923,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
cache-tag
554975078332710306173164131731056079923,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
68
expiration
expiry-date="Fri, 18 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/img_61b91af85488e7.42723663_RwXI0GJ4Ghtwb8fYS1eQ8WxjHBdG5InDxZRWIMvyAQBcy8XeLn_7.jpg
content-length
18240
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 15 Feb 2022 22:13:47 GMT
server
nginx
x-timer
S1647594750.794531,VS0,VE0
etag
"db768cd6b11d100d70d9f358ae85c83c"
x-served-by
cache-bwi5030-BWI, cache-iad-kiad7000058-IAD, cache-ewr18169-EWR
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 5
6deb46cb3b44fc1de61b2cdea89c4a7e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6deb46cb3b44fc1de61b2cdea89c4a7e.jpeg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
34dfab82e961536da0aa2ab6e0739816c7e674cfe5526950cffbdfe2dd0f3463

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 varnish, 1.1 varnish
age
871954
edge-cache-tag
512623952799689871672615632436319485910,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
cache-tag
512623952799689871672615632436319485910,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
291
expiration
expiry-date="Wed, 09 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6deb46cb3b44fc1de61b2cdea89c4a7e.jpeg
content-length
32884
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sun, 06 Feb 2022 18:08:40 GMT
server
nginx
x-timer
S1647594750.794618,VS0,VE0
etag
"f4f76505d36b10c6fea37bece3188b98"
x-served-by
cache-wdc5546-WDC, cache-iad-kcgs7200077-IAD, cache-ewr18169-EWR
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 8
1647013306_385259.jpg_f600x600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.trend180.com/img/relief/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.trend180.com/img/relief/1647013306_385259.jpg_f600x600.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e36c341cc1a1f69173c290f68163e54f323d8583d35ca9979874a0ab5bfe783b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 varnish, 1.1 varnish
age
181722
edge-cache-tag
467730258886058149096003594430287824382,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
cache-tag
467730258886058149096003594430287824382,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
65
expiration
expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.trend180.com/img/relief/1647013306_385259.jpg_f600x600.jpg
content-length
12536
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 11 Mar 2022 18:30:37 GMT
server
nginx
x-timer
S1647594750.794699,VS0,VE0
etag
"d0144b20d11d597c16ab1104f1b6be09"
x-served-by
cache-bwi5071-BWI, cache-iad-kcgs7200103-IAD, cache-ewr18169-EWR
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
f92221defcb053a3ccfc50a40ed4ed11.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f92221defcb053a3ccfc50a40ed4ed11.jpeg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2cc194c018f1090c659aa760b946a7e3cef579330f192250547c5c8bc640410c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 varnish, 1.1 varnish
age
99804
edge-cache-tag
504447638565794031566860797050771719582,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
cache-tag
504447638565794031566860797050771719582,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
169
expiration
expiry-date="Sat, 16 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f92221defcb053a3ccfc50a40ed4ed11.jpeg
content-length
16320
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Wed, 16 Mar 2022 11:03:32 GMT
server
nginx
x-timer
S1647594750.794771,VS0,VE1
etag
"fef464562a30ceb02a5f7de57cafb83f"
x-served-by
cache-wdc5533-WDC, cache-iad-kjyo7100151-IAD, cache-ewr18169-EWR
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		231 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a1032d048683350521b9444f517c12709baec5b2c3d268217840fcc5d145cb0c

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.203.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
231
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-153.compute-1.amazonaws.com
Software
/
Resource Hash
0923d9701897ccef523a068f0f101e4316bb8d75a322907372ca26248a3b90b6

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
avjp
mailonline-us-d.openx.net/v/1.0/ 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-us-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0531afe9-c036-4c7b-af58-ce68646a07b8&nocache=1647594749765&pubcid=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A401%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22linearity%22%3A1%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%7D%7D%5D%7D&auid=540642937&vwd=401&vht=225&aucs=424397508%252Cdm.chromelessvideo%252Cdm_dmnews_news%252Cpreroll
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 google
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
tag
m7hdh-2damu.ads.tremorhub.com/ad/
Redirect Chain
  • https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-eqad5&playerWidth=401&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackp...
  • https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-eqad5&playerWidth=401&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackp...
55 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-eqad5&playerWidth=401&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=0531afe9-c036-4c7b-af58-ce68646a07b8&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json&_tur=T
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0b4183643ddb787e349ae83e8c841503a67b00f3acddc7055419501d31011770

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8

Redirect headers

location
https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-eqad5&playerWidth=401&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=0531afe9-c036-4c7b-af58-ce68646a07b8&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json&_tur=T
date
Fri, 18 Mar 2022 09:12:29 GMT
access-control-allow-credentials
true
server
Apache-Coyote/1.1
access-control-allow-origin
https://www.dailymail.co.uk
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
auction
prebid-server.rubiconproject.com/openrtb2/ 		952 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-153.compute-1.amazonaws.com
Software
/
Resource Hash
e27784c5e5f0bf32d189e22536974d8bd0af4bc0f8d3ad953d462f7c92b42754

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
543
expires
0
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&tmax=4500
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-235-110.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
3bbd362e1d30b4ed3e2291854efa306fe7c3977400e2a3146303bd0753e787fc

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
mvo
tag.1rx.io/rmp/231256/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/231256/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6d84f433ce47fbde66cccfe2f25e18a19a86f7e118e739cf4e713b13e0560705
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:29 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
54d41a12-85cb-48b2-b179-a9b5d8deadb1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=MailOnline
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.0.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-0-170.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=294681&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%222258acc5e81a0b5a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f67a371d-f285-4ca2-be6f-f2af79502cb4%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-03-18T09%3A12%3A29%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222269a7dbbdcac51a%22%2C%22ext%22%3A%7B%22siteID%22%3A294681%2C%22sid%22%3A%22401x225%22%7D%2C%22video%22%3A%7B%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22playerSize%22%3A%5B%5B401%2C225%5D%5D%2C%22linearity%22%3A1%2C%22placement%22%3A1%2C%22w%22%3A401%2C%22h%22%3A225%7D%7D%5D%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
13ee6be1edb266938e679490a88343735dfe5efebe63bdb7c920ef15da3288c8

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
x-ak-initial-geo
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.42], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
31
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
31
expires
Fri, 18 Mar 2022 09:12:29 GMT
226453
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/226453?src_sys=prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.35.249.123 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:29 GMT
X-SpotX-Timing-Transform
0.000352
X-SpotX-Timing-SpotMarket
0.004822
X-SpotX-Timing-Page-Mux
0.000961
X-SpotX-Timing-Page-Require
0.000339
X-fe
326
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000039
X-SpotX-Timing-Page
0.011520
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000296
Last-Modified
Fri, 18 Mar 2022 09:12:29 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004822
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-SpotX-Timing-Page-Misc
0.004695
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=37283846418
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.6.9/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5370c8f238d0ae8b1400cff5df17563faca18ebfc2372d0948e20087984e2d19

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 2f5727cd85b40e905349d2b5268f3dbc.cloudfront.net (CloudFront), 1.1 varnish
age
94737
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
29420
x-served-by
cache-ewr18169-EWR
last-modified
Wed, 02 Mar 2022 12:50:08 GMT
server
AmazonS3
x-timer
S1647594750.794822,VS0,VE0
etag
"fc14dc1b8b9b350592c06408d9365f23"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
RpCWGk7JWVMGJHE55IplVV4aiv0LRWRqiyqOigq0JJWM9QQqnLuhyA==
x-cache-hits
10934
view
securepubads.g.doubleclick.net/pcs/ Frame 7029 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4XGRam9VPnl4dq9wosHP_pZyd98hs6a_mgxVcbl7iDQZOstvHWhfPAPdURIXB5yB9gPJUzbOhxJwFQ1NbevU-5VfP--PBcRzaoujHOKNNmCAKQppPseXOvxujo6ZycKBqtStfZ7xG1jnrxLyLiCvQNqkYdtekfwp3dZY5mHjJ7GfPrgWh8Qj9SBdyPvdKYISMGvIbwEuwPJwG-cmplH4Scd6fI4Av5JKZtvzo0VQS5d-kbSkIkAe4ji68_1MEHlqO4K7QM47Da14LkxeeM2ebDN9ausYpRRp-5ogLtVKofpCNM8w_lncFXVgcXM3BuxAi5wkUSw&sai=AMfl-YR0aSf3F5o3PYF2oTDN_ajBg1yQjnBdDLDLLbmKfk94nvxQ8yOAl-cT0tJrmbRrYr-moMO_NE_ulrimGLs44xca9uifD7uqKmA3qVFMXJ1OOcDFknPBFz2Nw8-Nglk&sig=Cg0ArKJSzJaAVbN9VfimEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 7029 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUK2yCRNbxuCF-hnZjQZoZLTSIbIxSlPECX-8cPmBTJSPaE9uKROq-X8V0I40E8pHTdgSpV5JyVp1U4dofzOdnRZS4sCVvy7t-eXYOb_nIBdE8cdbSn_CwAztq8s0T9snhjFkwvUTGDGMdHspr2GCKVWr3lSfH8Vz8qpOsj8e3xf48Hro-ucQi47-zS6oXsNYYDAym5RBMhO1cImSQSEg3yPNck_fdT2HJ2H8Ed-hfcg51EBV6SWZpWBmC1vroz352-L3QhcKuQTjTQlJXEdn_GABRkxpoNtCQlcOunil0F9LdfgrwYL9IoVSbY7Vc4llHU_s1lHak&sai=AMfl-YTWBTvRWEXvMmbeClTSlCZxWRUuIuwDNv1hsBf1zm7RKu_IvwHdkMEfHYBaCj09sAgH_Pch188N23CFfOKbY8hS-BnA40wPdHLAl1bSMXDvZwZF53Sn4CEvNneelc4&sig=Cg0ArKJSzEQhzJ0kcbeTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Mar 2022 09:12:29 GMT
pixel.gif
px.moatads.com/ Frame 7029 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A21709825945%3A-&de=73699624052&t=1647594749833&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=1&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D4423103019%26moatClientLevel2%3D2306985054%26moatClientLevel3%3D4673068018%26moatClientLevel4%3D138322672366%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D21709825945%26zMoatPS%3Dpara_top%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=1&wb=2&g=0&na=1380894284&cs=0
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:29 GMT
truncated
/ Frame 7029 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abef47b8458f96e4cb9c7759f0660f766305c5a4c8b22c873d8c10d80d9c219e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
abtests
trc.taboola.com/dailymail-us/log/3/ 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/dailymail-us/log/3/abtests?route=US:CH:V&lti=explore-more-header-ab-test_var&ri=b5c1684caac6e9a499e3ae328d5eb638&sd=v2_9c6836594cef2942d1cf0d184ab37db3_efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c_1647594748_1647594748_CNawjgYQ-ow9GIHysuL5LyABKAEw4QE4kaQOQIzbDkixy9kDUI8EWABgAGjb_5X0ga2ul6YBcAA&ui=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&pi=/news/article-2187999/will-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&wi=3348883001482854866&pt=text&vi=1647594748161&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-lazy-module%22%2C%22type%22%3A%22%7B%5C%22v%5C%22%3A%5C%222%5C%22%2C%5C%22location%5C%22%3A%5C%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~1832598627201759108~~2YnxA09Yn13H7%5C%22%2C%5C%22text%5C%22%3A%5C%22Read%20More%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-lazy-module%5C%22%2C%5C%22event%5C%22%3A%5C%22rendered%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%202nd%5C%22%2C%5C%22innerText%5C%22%3A%5C%22How%20Seniors%20End%20%E2%80%98Bone-On-Bone%E2%80%9D%20Knee%20Troubles%20(Works%20Fast)%5C%5CnAmRelieve%5C%22%2C%5C%22config%5C%22%3A%7B%5C%22borderColor%5C%22%3A%5C%22black%5C%22%2C%5C%22fontWeight%5C%22%3A%5C%22bold%5C%22%2C%5C%22isInheritTitleColor%5C%22%3A%5C%22true%5C%22%7D%7D%22%2C%22eventTime%22%3A1647594749892%7D&tim=09%3A12%3A29.893&id=712&llvl=2&cv=20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT&
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
22
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
via
1.1 varnish
server
nginx
x-timer
S1647594750.904440,VS0,VE22
x-served-by
cache-ewr18169-EWR
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
config
c.amazon-adsystem.com/cdn/prod/ 		619 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
2e8b454eb03ad6a30f88aaa056f7bd36a0fd06b91c1ca93956a4e310f5f7b035

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 06:53:43 GMT
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
server
Server
age
8325
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR53-C3
content-length
619
x-amz-cf-id
FOEvfwwO-L-sGW7pZMUrU2Q_K1Y2uKkXC18RXpIFKiJmQX-CfcZ97A==
bid
c.amazon-adsystem.com/e/dtb/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pid=QlaghxHOEzOIz&cb=0&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22billBoard%22%2C%22s%22%3A%5B%22970x250%22%2C%22900x250%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%2C%7B%22sd%22%3A%22leader_wide%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%2C%7B%22sd%22%3A%22sky-left%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%2C%7B%22sd%22%3A%22sky-right%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%2C%7B%22sd%22%3A%22mpu_puff_10%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%2C%7B%22sd%22%3A%22mpu_puff_20%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%2C%7B%22sd%22%3A%22mpu_top%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
10c7ad172bba5b65ad2a597a82d126506630ba14c18384769db36026c3ec3d8e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
09M38MG4KH86T42CQH3D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
1851
x-amz-cf-id
zNEQFKwFa4Fw6C4-oZhVtgV6LmCdBIFBSCwPoo6kNxRizXaE4aO7mw==
bid
c.amazon-adsystem.com/e/dtb/ 		691 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pid=QlaghxHOEzOIz&cb=1&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_left%22%2C%22s%22%3A%5B%22300x250%22%2C%22350x300%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
bbeaed16523311b1fe2f843d6165b5cd17d4e4395602f7fdc7d80bb7c8d64c88
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
B444G4NBHNRXAEW9QSS8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
691
x-amz-cf-id
xHJtTBlP71dDHVsPPvFc9xopbWGRw3lLw7wENDDvKmSkjGByRTjoVQ==
bid
c.amazon-adsystem.com/e/dtb/ 		637 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pid=QlaghxHOEzOIz&cb=2&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22id%22%3A%22ctp_video_desktop%22%2C%22mt%22%3A%22v%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
1799f9f70b2e569fc49797d4cc2d802fdeaf64955b4c2f5b357f8cd2f449025d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
B2K8JY7W5G8AVAJGJTE7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
637
x-amz-cf-id
CVR-ft19zzNcZlIl2jF8goCLSxRcI4l8hzQX4T-p5JzspiOto2pcCQ==
bid
c.amazon-adsystem.com/e/dtb/ 		691 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pid=QlaghxHOEzOIz&cb=3&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22id%22%3A%22jw_video_desktop%22%2C%22mt%22%3A%22v%22%2C%22kv%22%3A%7B%22irisid%22%3A%22iris_19a884cfc64f0360%22%2C%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
05937be1caa2893ee33c44a3b73e72ebcf698aba08eac45cb9220b40e4207e5a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
6RWFXPV4DSGRC63A4903
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
691
x-amz-cf-id
eHfkgp_ATz2iCZ9u1C68FjU8usgubjTEK55p-NH_Dj4gS_BjuvIw0A==
unip
trc-events.taboola.com/1125455/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1125455/log/3/unip?en=pre_d_eng_tb&tos=1775&scd=6&ssd=1&est=1647594748165&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1647594749941&vi=1647594748161&ri=0d6da89cdbde260a68eee94a7d7d4cf1&ui=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&ref=null&cv=20220313-3-RELEASE&item-url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1125455/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a4055df87fb1d7107976b40c27409f42d0e58278bd88e24e49109f09a8de14d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.103.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-103-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Fri, 18 Mar 2022 09:27:30 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
date
Fri, 18 Mar 2022 08:48:29 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
bhs
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
1061684275
sid
mug.criteo.com/ Frame 554B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=dailymail.co.uk&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pAtCkXxkeXllZ1A1RjROalNaYVZPRjFSU2JMRm1lSlVicDJrbVNxaEZxWE9rNDY5M2lZbGhPUnFaTythSHRNVUFSem1GMUE1M1BOWUZwbWRrbHJYMU15MEw1azVnNDlncXREbXBVNERqbHpuMDdRQjMrcXZaSk5UMFE2Ym...
425 B
622 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pAtCkXxkeXllZ1A1RjROalNaYVZPRjFSU2JMRm1lSlVicDJrbVNxaEZxWE9rNDY5M2lZbGhPUnFaTythSHRNVUFSem1GMUE1M1BOWUZwbWRrbHJYMU15MEw1azVnNDlncXREbXBVNERqbHpuMDdRQjMrcXZaSk5UMFE2Ym42UGwvOXF3Y3JQdE9zZnlhVkFuWDExMngyVC9QTThPZlE3QlBoUGZVK2VIRS81SVpxU2xKSUxDSE1rSzlKZmlDbDRCaVh0dXFXNmJDelpWblJEN1pHZkI0V0p3TGxSazBIdWdmdS93VU42YW0rQ0h1bnZmajR6eXR0Vjl5RzBDYkhVRUozRWdKQ3dXRnE0WjlVNmdCZEFBZDhtcVYrZz09fA&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
ec3cd48300f28a1f1486208c9fe92a8d982dee0e6cfd20f2187de6db5027a7b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4943
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=pAtCkXxkeXllZ1A1RjROalNaYVZPRjFSU2JMRm1lSlVicDJrbVNxaEZxWE9rNDY5M2lZbGhPUnFaTythSHRNVUFSem1GMUE1M1BOWUZwbWRrbHJYMU15MEw1azVnNDlncXREbXBVNERqbHpuMDdRQjMrcXZaSk5UMFE2Ym42UGwvOXF3Y3JQdE9zZnlhVkFuWDExMngyVC9QTThPZlE3QlBoUGZVK2VIRS81SVpxU2xKSUxDSE1rSzlKZmlDbDRCaVh0dXFXNmJDelpWblJEN1pHZkI0V0p3TGxSazBIdWdmdS93VU42YW0rQ0h1bnZmajR6eXR0Vjl5RzBDYkhVRUozRWdKQ3dXRnE0WjlVNmdCZEFBZDhtcVYrZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2173
content-length
541
expires
0
3
rta2.newzit.com/s/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rta2.newzit.com/s/3
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.21.3/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee22 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
x-rs-ops
news-search-rta-c5-fe:8180
date
Fri, 18 Mar 2022 09:12:30 GMT
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
expires
Fri, 18 Mar 2022 09:12:30 GMT
3
rta2.newzit.com/s/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rta2.newzit.com/s/3
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.21.3/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee22 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
x-rs-ops
news-search-rta-c4-fe:8180
date
Fri, 18 Mar 2022 09:12:30 GMT
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
expires
Fri, 18 Mar 2022 09:12:30 GMT
topArticlesXP
www.newzit.com/api/39/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newzit.com/api/39/topArticlesXP?{%22key%22:%22newsUS%22}
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.21.3/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee22 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
31669d7c6eff40766f9664af7840953e5cf2accfaa7ca3eabe9b7b8b12966205

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-rs-ops
varnish-news-search-c2-fe:6081
date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
x-cache-origin
["j2cB4TqgazMwk17bW3EzjwcgpMWkahs4jD6QUvcIdWI%3D","local(news-search-api-c3.rdg.mol.dmgt.net%3A29187)","miss","backingCache(%7B%22host%22%3A%22news-search-redis-app.rdg.mol.dmgt.net%22%2C%22port%22%3A%226379%22%2C%22db%22%3A4%2C%22enable_offline_queue%22%3Atrue%7D)","restore","retrieved"]
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-rs-ben-time
Fri, 18 Mar 2022 09-11-41 GMT
cache-control
max-age=12
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
x-rs-ben
news-search-api-c3.rdg.mol.dmgt.net:4444
content-length
1934
expires
Fri, 18 Mar 2022 09:12:42 GMT
topArticlesXP
www.newzit.com/api/39/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newzit.com/api/39/topArticlesXP?{%22key%22:%22newsUS%22}
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.21.3/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee22 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
31669d7c6eff40766f9664af7840953e5cf2accfaa7ca3eabe9b7b8b12966205

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-rs-ops
varnish-news-search-c2-fe:6081
date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
x-cache-origin
["j2cB4TqgazMwk17bW3EzjwcgpMWkahs4jD6QUvcIdWI%3D","local(news-search-api-c3.rdg.mol.dmgt.net%3A29187)","miss","backingCache(%7B%22host%22%3A%22news-search-redis-app.rdg.mol.dmgt.net%22%2C%22port%22%3A%226379%22%2C%22db%22%3A4%2C%22enable_offline_queue%22%3Atrue%7D)","restore","retrieved"]
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-rs-ben-time
Fri, 18 Mar 2022 09-11-41 GMT
cache-control
max-age=10
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
x-rs-ben
news-search-api-c3.rdg.mol.dmgt.net:4444
content-length
1934
expires
Fri, 18 Mar 2022 09:12:40 GMT
publisher-purposes-list.json
cmp.dmgmediaprivacy.co.uk/data/v1/ 		354 B
558 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/data/v1/publisher-purposes-list.json
Requested by
Host: cmp.dmgmediaprivacy.co.uk
URL: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/mol-ads-cmp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5df0f247da77359540280c424cd0e7167941a3824cac7828ffabc4a2997cd887

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
last-modified
Wed, 16 May 2018 09:27:00 GMT
server
AkamaiNetStorage
etag
"d2998c4f37cfd1dfc00f7df8bc14de66:1536323600.231037"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=923
accept-ranges
bytes
content-length
354
expires
Fri, 18 Mar 2022 09:27:53 GMT
vendor-list.json
cmp.dmgmediaprivacy.co.uk/data/v6/ 		92 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/data/v6/vendor-list.json
Requested by
Host: cmp.dmgmediaprivacy.co.uk
URL: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/mol-ads-cmp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0f426a5054718834a6399eaee2a5f7e0d8b43cdc1a4e13a12b298738cd5e2736

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
last-modified
Tue, 24 Sep 2019 16:23:26 GMT
server
AkamaiNetStorage
etag
"dc279545bd28fa4b726f74201aa8a541:1569342207.603055"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
10882
expires
Sat, 19 Mar 2022 09:12:30 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=fc90bebe-df0f-4783-9136-4dadff05fcca
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
7829b484863af8059fdeab04b28fda7755ebb4f45c782e6bd4da932812331e6f

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
via
1.1 google
SiteEvent.dotmetrics
uk-script.dotmetrics.net/ 		316 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6NDYzNywiZmwiOnRydWUsImRvbSI6Ind3dy5kYWlseW1haWwuY28udWsiLCJmc28iOm51bGwsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS0yMTg3OTk5L1dpbGwtMTQ4bS1FdXJvTWlsbGlvbnMtamFja3BvdC13aW5uZXItc2hhcmUtZm9ydHVuZS1sb25nLWxvc3QtaGFsZi1icm90aGVyLW1ldC5odG1sIiwicnVybCI6IiIsInB2cyI6MSwicHZpZCI6ImwwdzdkZnN4MWV1Y3AzNWU3YXUiLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1647594750083
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/Scripts/script.js?v=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-63.ewr53.r.cloudfront.net
Software
Kestrel /
Resource Hash
accab9b97025999d5c3550549a4bf60e63aa11f4716efdd9be80fccd9b3dc290

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
application/javascript
x-amz-cf-id
ao3fCZGZKhs2NO1jmyeEQNffJD46IuSQfo-Hl9DE9u4iAoLRUXYF0A==
truncated
/ 		232 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
465fe72514f81fccb7dc41806add85abf16d815f3a3831ceca98bb85475e1d4f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		339 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa43023e804760a3afc30fd16ed1553246136329d7a3a871672b5ee8c7022fc2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
en.json
cmp.dmgmediaprivacy.co.uk/data/v6/i18n/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/data/v6/i18n/en.json
Requested by
Host: cmp.dmgmediaprivacy.co.uk
URL: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/mol-ads-cmp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8d626ccfbe4b432311292849afc239011855d71ed640bbdc4573338d7cfbe932

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 14:02:08 GMT
server
AkamaiNetStorage
etag
"4b183a51de1450d2672597c6ed12111b:1634306528.38885"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3097
accept-ranges
bytes
content-length
2357
expires
Fri, 18 Mar 2022 10:04:07 GMT
v_15cb6yo
www.dailymail.co.uk/abe/a9/price/ 		4 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/v_15cb6yo
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70d9b21e78ff3a4f863d77dcf2fbb9c0c3657c9f135af19822e948719951c640

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
JNEBH9faKku21W7miuNReujkOpIiLDou
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:56:09 GMT
server
AmazonS3
x-amz-request-id
240BEA9D87C04FC7
etag
"ff0da6240bde95bc7caa86df65b270c0"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=361305
date
Fri, 18 Mar 2022 09:12:30 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
FV9dLcjj0sfe3TlgF/0cMn70C1aPxlNYdxD3jzIgdu32YCAu2y3TsivjjPHaxEo6AWVzG36g9dU=
iu3
s.amazon-adsystem.com/ Frame CEE3
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_bf_rx_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-v...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_bf_rx_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-v...
377 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_bf_rx_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f5a521b1888f01ec2553ea43409460f8c21e7b39bcedc749c99ab8dababab11b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
377
Connection
keep-alive
x-amz-rid
DR9KSWR95PHMTWF92C4G
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
GCEJCRCDQ3MMTDJ6Q1Q4
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_bf_rx_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
consent
cmp.dmgmediaprivacy.co.uk/ccpa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/ccpa/consent
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept
date
Fri, 18 Mar 2022 09:12:30 GMT
consent
cmp.dmgmediaprivacy.co.uk/ccpa/ 		66 B
518 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.dmgmediaprivacy.co.uk/ccpa/consent
Requested by
Host: cmp.dmgmediaprivacy.co.uk
URL: https://cmp.dmgmediaprivacy.co.uk/2.8.18-ccpa-31/iife/mol-ads-cmp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a93::11ae Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
77df6f1ae61b9f754ac1e534cb62c327cb15e625c1e2c3d515069089dd696e8d

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
etag
W/"42-nHJr0jolDY9OoSJavmViwC9PqXs"
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept
content-length
66
truncated
/ 		303 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
184df17cd98005b00d5576123c08917edbf37f63159c2b59e01c6d741d76769c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
167.json
id5-sync.com/g/v2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/167.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.234 , France, ASN16276 (OVH, FR),
Reverse DNS
p36.id5-sync.com
Software
/
Resource Hash
07125226eee2cdd95e8f88ab1f757731b1a779edee0b4ac8f580ee1b3d4f51e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:29 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
pixel;r=665590808;labels=Title.Will%20%C2%A3148m%20EuroMillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20brother%20he%20has%20never%20met%3F%2CSection.News%2CKeywords....
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=665590808;labels=Title.Will%20%C2%A3148m%20EuroMillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20brother%20he%20has%20never%20met%3F%2CSection.News%2CKeywords.dailymail%2CKeywords.news;rf=0;a=p-yVg_z7_Zx4fHs;url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html;uht=2;fpan=1;fpa=P0-19554641-1647594748430;pbc=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=dailymail.co.uk;je=0;sr=1600x1200x24;dst=0;et=1647594748430;tzo=0;ogl=site_name.Mail%20Online%2Ctitle.Will%20%C2%A3148m%20EuroMillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20bro%2Ctype.article%2Cdescription.Paul%20Wilson%252C%2055%252C%20yesterday%20learned%20he%20was%20the%20half-brother%20of%20EuroMillions%20winne%2Curl.https%3A%2F%2Fwww%252Edailymail%252Eco%252Euk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-%2Cimage.https%3A%2F%2Fi%252Edailymail%252Eco%252Euk%2Fi%2Fpix%2F2012%2F08%2F15%2Farticle-2187999-148CC637000005DC-780_%2Cimage%3Awidth.308%2Cimage%3Aheight.185%2Cvideo.https%3A%2F%2Fvideos%252Edailymail%252Eco%252Euk%2Fvideo%2F1418450360%2F2012%2F08%2F1418450360_1785264058001%2Cvideo%3Atype.video%2Fmp4%2Cvideo%3Awidth.636%2Cvideo%3Aheight.358
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
esp
oajs.openx.net/ 		36 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1527568898380ac1c0bebeb181c6ae65f661433cba813faf972ae0f6f6e0463b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 google
etag
W/"24-MPX4D2CpPPu6cKyILEoIfy/UhNY"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3151125353826941&correlator=761933701125407&eid=31065690%2C676982996%2C44759850&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C900x250%7C728x90&ifi=2&adks=1804143546&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=pos%3Dbillboard%26amznbid%3D1%26amznp%3D1%26adx_channel%3D18%26refreshCount%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26nobids%3Dtrue&eri=4&cust_params=article%3D2187999%26environment%3Dproduction%26country%3Dus%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26abv%3D4.1.93%26page%3Dart%26mvt%3DabeDetectionDelay_15s%252CclsMonitor_off%252Cpermutive_on%252CperfMon_off%252CscannerTrial_control%252Cfe_desktop_default%26bot%3Dfalse%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26session_page_ID%3Dnone%26utm_source%3Dnone%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dnews%26subarea%3Dnews%26session%3D1%26ias-bsp%3Dias_safe_positive_neutral_aus%252Cias_sales_visit_brighton%252Cias_sales_lottery%252CIAS_SAFE_GARM1%252Cias_sales_no_supermarkets%252Cias_sales_excl_covid%252Cias_safe_strict%252Cias_safe_sales_pm%252CIAS_Safe_Nov2021%252CIAS_SAFE_ClientKWblockingList_22%252F22%252CIAS_SAFE2%252Cias_safe%252CIAS_Custom%2520LB%2520List%252Cias_sales_summertime_19_ire%252Cias_sentiment_positive%252Cias_interest_sleep%252Cias_interest_travel_long_haul%252Cias_sales_book%252Cias_interest_family_parenting%252Cias_interest_travel_staycation%252Cias_interest_family%252Cias_shopping%252Cias_sales_skincare_jj%252Cias_sales_premium_brands%252Cias_interest_british%252Cias_celeb_royal_family%252Cias_interest_travel_holidays%252Cias_interest_travel%252Cias_emotions_positive%26permutive%3D10277%252C17312%252C55620%252C100596%252Crts%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26ptime%3D1647594748625%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26amznbid%3D1%26amznp%3D1&sc=1&cookie=ID%3D097f060fc0340404-224eb48ee8d10059%3AT%3D1647594749%3AS%3DALNI_MZ_UD2P51oOc_utcSpLP_g6XPX4Zg&cdm=www.dailymail.co.uk&abxe=1&dt=1647594750261&dlt=1647594747351&idt=1099&biw=1600&bih=1200&adxs=315&adys=197&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=www.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&fws=0&ohw=0&psts=AGkb-H8jfoF4fBAeUtXuXaGelz0cx3q1weShMb0d504442q9LVKbhOA6XR4kMvkf26MkQWlb1xYbIOKPoozftmVIxgj3J94a&ga_vid=1144404248.1647594748&ga_sid=1647594749&ga_hid=361407818&ga_fc=true&btvi=0&a3p=EhUKBWluZGV4EgAYmP-y4vkvRQAAAAASGgoMaWQ1LXN5bmMuY29tGPz8suL5L0UAAAAAEh4KDmVzcC5jcml0ZW8uY29tEgAYjYKz4vkvRQAAAAASPgoKcHViY2lkLm9yZxIkZWJlNDVlMTUtN2VhOS00ZGE3LTljODQtZDQwZDAwMzBhYjRmGOn-suL5L0UAAAAA&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
554bd6ee394a173c7144c5316e213e7a3064bb04d0becbaf2cf6fac7feb11ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11278
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3151125353826941&correlator=761933701125407&eid=31065690%2C676982996%2C44759850&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&adks=535290310&sfv=1-0-38&ecs=20220318&ists=1&fsapi=false&prev_scp=pos%3Dbillboard%26adx_channel%3D18%26refreshCount%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26nobids%3Dtrue&eri=4&cust_params=article%3D2187999%26environment%3Dproduction%26country%3Dus%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26abv%3D4.1.93%26page%3Dart%26mvt%3DabeDetectionDelay_15s%252CclsMonitor_off%252Cpermutive_on%252CperfMon_off%252CscannerTrial_control%252Cfe_desktop_default%26bot%3Dfalse%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26session_page_ID%3Dnone%26utm_source%3Dnone%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dnews%26subarea%3Dnews%26session%3D1%26ias-bsp%3Dias_safe_positive_neutral_aus%252Cias_sales_visit_brighton%252Cias_sales_lottery%252CIAS_SAFE_GARM1%252Cias_sales_no_supermarkets%252Cias_sales_excl_covid%252Cias_safe_strict%252Cias_safe_sales_pm%252CIAS_Safe_Nov2021%252CIAS_SAFE_ClientKWblockingList_22%252F22%252CIAS_SAFE2%252Cias_safe%252CIAS_Custom%2520LB%2520List%252Cias_sales_summertime_19_ire%252Cias_sentiment_positive%252Cias_interest_sleep%252Cias_interest_travel_long_haul%252Cias_sales_book%252Cias_interest_family_parenting%252Cias_interest_travel_staycation%252Cias_interest_family%252Cias_shopping%252Cias_sales_skincare_jj%252Cias_sales_premium_brands%252Cias_interest_british%252Cias_celeb_royal_family%252Cias_interest_travel_holidays%252Cias_interest_travel%252Cias_emotions_positive%26permutive%3D10277%252C17312%252C55620%252C100596%252Crts%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26ptime%3D1647594748625%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26amznbid%3D1%26amznp%3D1&sc=1&cookie=ID%3D097f060fc0340404-224eb48ee8d10059%3AT%3D1647594749%3AS%3DALNI_MZ_UD2P51oOc_utcSpLP_g6XPX4Zg&cdm=www.dailymail.co.uk&abxe=1&dt=1647594750266&dlt=1647594747351&idt=1099&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=www.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=0x-1&fws=128&ohw=0&psts=AGkb-H8jfoF4fBAeUtXuXaGelz0cx3q1weShMb0d504442q9LVKbhOA6XR4kMvkf26MkQWlb1xYbIOKPoozftmVIxgj3J94a&ga_vid=1144404248.1647594748&ga_sid=1647594749&ga_hid=361407818&ga_fc=true&btvi=-1&a3p=EhUKBWluZGV4EgAYmP-y4vkvRQAAAAASGgoMaWQ1LXN5bmMuY29tGPz8suL5L0UAAAAAEh4KDmVzcC5jcml0ZW8uY29tEgAYjYKz4vkvRQAAAAASPgoKcHViY2lkLm9yZxIkZWJlNDVlMTUtN2VhOS00ZGE3LTljODQtZDQwZDAwMzBhYjRmGOn-suL5L0UAAAAA&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e86d9bec22a24d461d6bc1d562c9fc8ab59a6442d4b7ff28e62a991ca9a40c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2264
x-xss-protection
0
google-lineitem-id
5651755571
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138344420857
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3151125353826941&correlator=761933701125407&eid=31065690%2C676982996%2C44759850&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=4&adks=1984375283&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=pos%3Dmpu_top%26amznbid%3D1%26amznp%3D1%26adx_channel%3D16%26refreshCount%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26nobids%3Dtrue&eri=4&cust_params=article%3D2187999%26environment%3Dproduction%26country%3Dus%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26abv%3D4.1.93%26page%3Dart%26mvt%3DabeDetectionDelay_15s%252CclsMonitor_off%252Cpermutive_on%252CperfMon_off%252CscannerTrial_control%252Cfe_desktop_default%26bot%3Dfalse%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26session_page_ID%3Dnone%26utm_source%3Dnone%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dnews%26subarea%3Dnews%26session%3D1%26ias-bsp%3Dias_safe_positive_neutral_aus%252Cias_sales_visit_brighton%252Cias_sales_lottery%252CIAS_SAFE_GARM1%252Cias_sales_no_supermarkets%252Cias_sales_excl_covid%252Cias_safe_strict%252Cias_safe_sales_pm%252CIAS_Safe_Nov2021%252CIAS_SAFE_ClientKWblockingList_22%252F22%252CIAS_SAFE2%252Cias_safe%252CIAS_Custom%2520LB%2520List%252Cias_sales_summertime_19_ire%252Cias_sentiment_positive%252Cias_interest_sleep%252Cias_interest_travel_long_haul%252Cias_sales_book%252Cias_interest_family_parenting%252Cias_interest_travel_staycation%252Cias_interest_family%252Cias_shopping%252Cias_sales_skincare_jj%252Cias_sales_premium_brands%252Cias_interest_british%252Cias_celeb_royal_family%252Cias_interest_travel_holidays%252Cias_interest_travel%252Cias_emotions_positive%26permutive%3D10277%252C17312%252C55620%252C100596%252Crts%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26ptime%3D1647594748625%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26amznbid%3D1%26amznp%3D1&sc=1&cookie=ID%3D097f060fc0340404-224eb48ee8d10059%3AT%3D1647594749%3AS%3DALNI_MZ_UD2P51oOc_utcSpLP_g6XPX4Zg&cdm=www.dailymail.co.uk&abxe=1&dt=1647594750271&dlt=1647594747351&idt=1099&biw=1600&bih=1200&adxs=978&adys=526&oid=2&ucis=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=www.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=308x-1&msz=308x-1&fws=0&ohw=0&psts=AGkb-H8jfoF4fBAeUtXuXaGelz0cx3q1weShMb0d504442q9LVKbhOA6XR4kMvkf26MkQWlb1xYbIOKPoozftmVIxgj3J94a&ga_vid=1144404248.1647594748&ga_sid=1647594749&ga_hid=361407818&ga_fc=true&btvi=0&a3p=EhUKBWluZGV4EgAYmP-y4vkvRQAAAAASGgoMaWQ1LXN5bmMuY29tGPz8suL5L0UAAAAAEh4KDmVzcC5jcml0ZW8uY29tEgAYjYKz4vkvRQAAAAASPgoKcHViY2lkLm9yZxIkZWJlNDVlMTUtN2VhOS00ZGE3LTljODQtZDQwZDAwMzBhYjRmGOn-suL5L0UAAAAA&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
7f6f14021f84bde21c25f412910930be286e18800e5f4b61c6ba638cc0ec85b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22202
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3151125353826941&correlator=761933701125407&eid=31065690%2C676982996%2C44759850&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_10&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=5&adks=1342803790&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=pos%3Dmpu_puff_10%26amznbid%3D1%26amznp%3D1%26adx_channel%3D12%26refreshCount%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26hb_bidder%3D33across%26hb_adid%3D2012b8b52d06d87b%26hb_pb%3D0.38%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_33across%3D2012b8b52d06d87b%26hb_pb_33across%3D0.38%26hb_size_33across%3D300x600%26hb_source_33across%3Dclient%26hb_format_33across%3Dbanner%26hb_skin_33across%3Dfalse%26maxbid%3D0.38%26maxbidpk%3D1%26maxbid_bidder%3D33across%26nobids%3Dfalse&eri=4&cust_params=article%3D2187999%26environment%3Dproduction%26country%3Dus%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26abv%3D4.1.93%26page%3Dart%26mvt%3DabeDetectionDelay_15s%252CclsMonitor_off%252Cpermutive_on%252CperfMon_off%252CscannerTrial_control%252Cfe_desktop_default%26bot%3Dfalse%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26session_page_ID%3Dnone%26utm_source%3Dnone%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dnews%26subarea%3Dnews%26session%3D1%26ias-bsp%3Dias_safe_positive_neutral_aus%252Cias_sales_visit_brighton%252Cias_sales_lottery%252CIAS_SAFE_GARM1%252Cias_sales_no_supermarkets%252Cias_sales_excl_covid%252Cias_safe_strict%252Cias_safe_sales_pm%252CIAS_Safe_Nov2021%252CIAS_SAFE_ClientKWblockingList_22%252F22%252CIAS_SAFE2%252Cias_safe%252CIAS_Custom%2520LB%2520List%252Cias_sales_summertime_19_ire%252Cias_sentiment_positive%252Cias_interest_sleep%252Cias_interest_travel_long_haul%252Cias_sales_book%252Cias_interest_family_parenting%252Cias_interest_travel_staycation%252Cias_interest_family%252Cias_shopping%252Cias_sales_skincare_jj%252Cias_sales_premium_brands%252Cias_interest_british%252Cias_celeb_royal_family%252Cias_interest_travel_holidays%252Cias_interest_travel%252Cias_emotions_positive%26permutive%3D10277%252C17312%252C55620%252C100596%252Crts%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26ptime%3D1647594748625%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26amznbid%3D1%26amznp%3D1&sc=1&cookie=ID%3D097f060fc0340404-224eb48ee8d10059%3AT%3D1647594749%3AS%3DALNI_MZ_UD2P51oOc_utcSpLP_g6XPX4Zg&cdm=www.dailymail.co.uk&abxe=1&dt=1647594750273&dlt=1647594747351&idt=1099&biw=1600&bih=1200&adxs=978&adys=2829&oid=2&ucis=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=www.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=308x-1&msz=308x-1&fws=0&ohw=0&psts=AGkb-H8jfoF4fBAeUtXuXaGelz0cx3q1weShMb0d504442q9LVKbhOA6XR4kMvkf26MkQWlb1xYbIOKPoozftmVIxgj3J94a&ga_vid=1144404248.1647594748&ga_sid=1647594749&ga_hid=361407818&ga_fc=true&btvi=1&a3p=EhUKBWluZGV4EgAYmP-y4vkvRQAAAAASGgoMaWQ1LXN5bmMuY29tGPz8suL5L0UAAAAAEh4KDmVzcC5jcml0ZW8uY29tEgAYjYKz4vkvRQAAAAASPgoKcHViY2lkLm9yZxIkZWJlNDVlMTUtN2VhOS00ZGE3LTljODQtZDQwZDAwMzBhYjRmGOn-suL5L0UAAAAA&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
a8489677363120e65fd9117c80a211682846aaa31c1bc0648cd25d9850faddbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19267
x-xss-protection
0
google-lineitem-id
5801406709
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138366224032
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v_lulpts
www.dailymail.co.uk/abe/a9/price/ 		4 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/v_lulpts
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf9dcf6da8a82be1335c398a4005def7ee3a53d4698c59dbc6b2b14e72d1263c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
5g8q1AH7HzhUDFh1qvYZ4ev6jNJWGvQo
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:57:06 GMT
server
AmazonS3
x-amz-request-id
8D1341B97B5C5BB3
etag
"41cf2677cc4ec9356dad8e76dfb87448"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=2385798
date
Fri, 18 Mar 2022 09:12:30 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
qg4gAwMyM7JQ3UNfrI25ccPsC+rDMBAz816Y7x10dNwDos6omoo0SNkVMEn6dR7kmbQDIXyZCUY=
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3151125353826941&correlator=761933701125407&eid=31065690%2C676982996%2C44759850&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_20&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=6&adks=2417854540&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=pos%3Dmpu_puff_20%26amznbid%3D1%26amznp%3D1%26adx_channel%3D3%26refreshCount%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26hb_bidder%3D33across%26hb_adid%3D168a1a5cd625cdb4%26hb_pb%3D0.04%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_33across%3D168a1a5cd625cdb4%26hb_pb_33across%3D0.04%26hb_size_33across%3D300x600%26hb_source_33across%3Dclient%26hb_format_33across%3Dbanner%26hb_skin_33across%3Dfalse%26maxbid%3D0.04%26maxbidpk%3D1%26maxbid_bidder%3D33across%26nobids%3Dfalse&eri=4&cust_params=article%3D2187999%26environment%3Dproduction%26country%3Dus%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26abv%3D4.1.93%26page%3Dart%26mvt%3DabeDetectionDelay_15s%252CclsMonitor_off%252Cpermutive_on%252CperfMon_off%252CscannerTrial_control%252Cfe_desktop_default%26bot%3Dfalse%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26session_page_ID%3Dnone%26utm_source%3Dnone%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dnews%26subarea%3Dnews%26session%3D1%26ias-bsp%3Dias_safe_positive_neutral_aus%252Cias_sales_visit_brighton%252Cias_sales_lottery%252CIAS_SAFE_GARM1%252Cias_sales_no_supermarkets%252Cias_sales_excl_covid%252Cias_safe_strict%252Cias_safe_sales_pm%252CIAS_Safe_Nov2021%252CIAS_SAFE_ClientKWblockingList_22%252F22%252CIAS_SAFE2%252Cias_safe%252CIAS_Custom%2520LB%2520List%252Cias_sales_summertime_19_ire%252Cias_sentiment_positive%252Cias_interest_sleep%252Cias_interest_travel_long_haul%252Cias_sales_book%252Cias_interest_family_parenting%252Cias_interest_travel_staycation%252Cias_interest_family%252Cias_shopping%252Cias_sales_skincare_jj%252Cias_sales_premium_brands%252Cias_interest_british%252Cias_celeb_royal_family%252Cias_interest_travel_holidays%252Cias_interest_travel%252Cias_emotions_positive%26permutive%3D10277%252C17312%252C55620%252C100596%252Crts%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26ptime%3D1647594748625%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26gdpr%3D0%26cmp%3Dccpa%26us_privacy%3D%26consent%3Dfalse&sc=1&cookie=ID%3D097f060fc0340404-224eb48ee8d10059%3AT%3D1647594749%3AS%3DALNI_MZ_UD2P51oOc_utcSpLP_g6XPX4Zg&cdm=www.dailymail.co.uk&abxe=1&dt=1647594750297&dlt=1647594747351&idt=1099&biw=1600&bih=1200&adxs=978&adys=4713&oid=2&ucis=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=www.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=308x-1&msz=308x-1&fws=0&ohw=0&psts=AGkb-H8jfoF4fBAeUtXuXaGelz0cx3q1weShMb0d504442q9LVKbhOA6XR4kMvkf26MkQWlb1xYbIOKPoozftmVIxgj3J94a&ga_vid=1144404248.1647594748&ga_sid=1647594749&ga_hid=361407818&ga_fc=true&btvi=2&a3p=EhUKBWluZGV4EgAYmP-y4vkvRQAAAAASGgoMaWQ1LXN5bmMuY29tGPz8suL5L0UAAAAAEh4KDmVzcC5jcml0ZW8uY29tEgAYjYKz4vkvRQAAAAASPgoKcHViY2lkLm9yZxIkZWJlNDVlMTUtN2VhOS00ZGE3LTljODQtZDQwZDAwMzBhYjRmGOn-suL5L0UAAAAA&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
d9fc19c63dd8205127c87f2cf3f90e0e69443884bd6a12a1bb2520bea61252c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19317
x-xss-protection
0
google-lineitem-id
5801406712
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138369571796
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
imprnjmp.taboola.com/ Frame E757 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7981227&crid=4706965&dast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&cmcv=&pix=undefined&cb=1647594750305&uv=3143&tms=1647594750305&abt=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=669F32FC39106363362955637066&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
21502515cee9faedd6a4b51c7fa4aebe9fb56e5b2f44c05bc0709d87720b9d58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 varnish
x-served-by
cache-ewr18169-EWR
x-cache
MISS
x-cache-hits
0
x-timer
S1647594750.328668,VS0,VE8
vary
Accept-Encoding
sync
us-match.taboola.com/ Frame 8ED5 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
cfb0edaae7cc9fa11afd4d15eb1ab6e9bf9e52b65cae987fc70b4654a09856bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:30 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3103
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706965&noaop=3&sortOrderType=0&cb=1647594750311&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1377&pt=-252260390&tz=0&viewable=true&ddast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1182335&dpubid=161887&abtst=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1606f00f2009fdaa6004592fd4616c3227eef68dbb0757d9e92ad162ac1843c

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
access-control-allow-origin
https://www.dailymail.co.uk
machineid
1101
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ewr18169-EWR
pragma
no-cache
server
nginx
x-timer
S1647594750.331854,VS0,VE77
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7981227&crid=4706965&dast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&cmcv=&pix=31589837&cb=1647594750304&uv=3143&tms=1647594750304&abt=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1647594741077.2!ts:1647594750304&mntl=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-length
0
server
nginx
st
imprchmp.taboola.com/ Frame 4AB4 		928 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7981227&crid=4800235&dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&cmcv=&pix=undefined&cb=1647594750319&uv=3143&tms=1647594750319&abt=adh5c-1_vA!eidc_vA!ftp1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=572DCA2CF73508326605402888&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 varnish
x-served-by
cache-ewr18169-EWR
x-cache
MISS
x-cache-hits
0
x-timer
S1647594750.340057,VS0,VE21
vary
Accept-Encoding
sync
ch-match.taboola.com/ Frame 68B7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Islington, United Kingdom, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:30 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3805
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7981227&crid=4800235&dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&cmcv=&pix=31589837&cb=1647594750319&uv=3143&tms=1647594750319&abt=adh5c-1_vA!eidc_vA!ftp1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1647594741077.2!ts:1647594750319&mntl=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Islington, United Kingdom, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-length
0
server
nginx
1bxjjsw
www.dailymail.co.uk/abe/a9/price/ 		4 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/1bxjjsw
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a976726b1d1bda3e1f271287f3aa7229ca3204ff8bf9cb2b581c610b9c811bef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
xN6ampabQaCm2.JB96iNE0TOty.Mh4Lz
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:54:53 GMT
server
AmazonS3
x-amz-request-id
495B9277C53B4A06
etag
"8ce3fac7e23a02ab4e00cf0f1e03310a"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=2576571
date
Fri, 18 Mar 2022 09:12:30 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
jSirHLf2FUmyJnXYz0zS2gfkQAUNtqqPs593+QwLDBeMJYp1LfrVxjlyLx4+SiqP6Sib8PCPpBQ=
1y4n2f4
www.dailymail.co.uk/abe/a9/price/ 		4 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/1y4n2f4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b635f81c034b6fbf71e4037c020d5fa178f9c32be19be26c2147f643aa0b1b36

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
mPI0DeucrWFvckEggX8_REiH_aAbSiDO
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:55:15 GMT
server
AmazonS3
x-amz-request-id
77948F384F79ECD9
etag
"f4d175f9a1a4403edb6ee59f4154cc1e"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=1900500
date
Fri, 18 Mar 2022 09:12:30 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
YlVywA3Ogqix2hK38zzqYcQKvC5JJS/nqOcUiTg6FwyPktZWX2L9zKCtW89BE18Ip3Sy+5c3D6I=
1bxjjsw
www.dailymail.co.uk/abe/a9/price/ 		4 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/1bxjjsw
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a976726b1d1bda3e1f271287f3aa7229ca3204ff8bf9cb2b581c610b9c811bef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
xN6ampabQaCm2.JB96iNE0TOty.Mh4Lz
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:54:53 GMT
server
AmazonS3
x-amz-request-id
495B9277C53B4A06
etag
"8ce3fac7e23a02ab4e00cf0f1e03310a"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=2576571
date
Fri, 18 Mar 2022 09:12:30 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
jSirHLf2FUmyJnXYz0zS2gfkQAUNtqqPs593+QwLDBeMJYp1LfrVxjlyLx4+SiqP6Sib8PCPpBQ=
11xy60w
www.dailymail.co.uk/abe/a9/price/ 		4 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/11xy60w
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91539d7445b231b3612c4f68bd077160bb791bd7b826df57ce0ee7f2807986cb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wNKhAQwrGJ5nFWdpPxsvncD1eTO88fS8
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:54:44 GMT
server
AmazonS3
x-amz-request-id
SGYSNYC2ZZA5NPXA
etag
"6a55596c15df4993eea3b44eace1ee7f"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=2562765
date
Fri, 18 Mar 2022 09:12:30 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
K7kclvIWz/vavLdF3F15KBTPo3ibf7LHd/zgpvk+OQzxRkYHX4ve6tv1YbWxo6/U5q3+rRmmUVw=
1y4n2f4
www.dailymail.co.uk/abe/a9/price/ 		4 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/1y4n2f4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b635f81c034b6fbf71e4037c020d5fa178f9c32be19be26c2147f643aa0b1b36

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
mPI0DeucrWFvckEggX8_REiH_aAbSiDO
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:55:15 GMT
server
AmazonS3
x-amz-request-id
77948F384F79ECD9
etag
"f4d175f9a1a4403edb6ee59f4154cc1e"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=1900500
date
Fri, 18 Mar 2022 09:12:30 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
YlVywA3Ogqix2hK38zzqYcQKvC5JJS/nqOcUiTg6FwyPktZWX2L9zKCtW89BE18Ip3Sy+5c3D6I=
1y4n2f4
www.dailymail.co.uk/abe/a9/price/ 		4 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/1y4n2f4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b635f81c034b6fbf71e4037c020d5fa178f9c32be19be26c2147f643aa0b1b36

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
mPI0DeucrWFvckEggX8_REiH_aAbSiDO
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:55:15 GMT
server
AmazonS3
x-amz-request-id
77948F384F79ECD9
etag
"f4d175f9a1a4403edb6ee59f4154cc1e"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=1900500
date
Fri, 18 Mar 2022 09:12:30 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
YlVywA3Ogqix2hK38zzqYcQKvC5JJS/nqOcUiTg6FwyPktZWX2L9zKCtW89BE18Ip3Sy+5c3D6I=
pd
google-bidout-d.openx.net/w/1.0/ Frame 17F5 		623 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
699ecaf4a2ece882871e6f0a9d3370eed2234ea4b2d902f596161ab9cb72c57c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:30 GMT
content-type
text/html
content-length
409
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
generic
match.adsrvr.org/track/cmf/ Frame 68B7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 68B7 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:4bb:825e:5e5f:d97a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 68B7
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27771

Redirect headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
86
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 68B7 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 4AB4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7981227&crid=4800235&dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&cmcv=&pix=undefined&cb=1647594750319&uv=3143&tms=1647594750319&abt=adh5c-1_vA!eidc_vA!ftp1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=572DCA2CF73508326605402888&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 4AB4 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7981227&crid=4800235&dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&cmcv=&pix=undefined&cb=1647594750319&uv=3143&tms=1647594750319&abt=adh5c-1_vA!eidc_vA!ftp1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=572DCA2CF73508326605402888&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:4bb:825e:5e5f:d97a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 4AB4
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7981227&crid=4800235&dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&cmcv=&pix=undefined&cb=1647594750319&uv=3143&tms=1647594750319&abt=adh5c-1_vA!eidc_vA!ftp1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=572DCA2CF73508326605402888&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27771

Redirect headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
403
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 4AB4 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7981227&crid=4800235&dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&cmcv=&pix=undefined&cb=1647594750319&uv=3143&tms=1647594750319&abt=adh5c-1_vA!eidc_vA!ftp1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=572DCA2CF73508326605402888&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 4AB4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7981227&crid=4800235&dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&cmcv=&pix=undefined&cb=1647594750319&uv=3143&tms=1647594750319&abt=adh5c-1_vA!eidc_vA!ftp1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=572DCA2CF73508326605402888&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27771

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
date
Fri, 18 Mar 2022 09:12:30 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pr
s.amazon-adsystem.com/v3/ Frame 97D5 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_bf_rx_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f1ff1514637cac5643d2a968669d7964d9084e0e580a6cda1941b5f2dd849800
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_bf_rx_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
4522
Connection
keep-alive
x-amz-rid
CXPKS9N786KW6QMPG6WF
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/31_4_3/infra/ 		745 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_4_3/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7c2adea4fd6d656ae124f4302459eec0223eceb512aaca9785441427407559b1

Request headers

Referer
https://www.dailymail.co.uk/
Origin
https://www.dailymail.co.uk
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 varnish
age
87650
x-amz-meta-mtime
1647506928
x-cache
HIT
x-amz-meta-ctime
1647506929
x-amz-meta-mode
33188
content-encoding
br
content-length
131219
x-amz-id-2
PjuBjSwUFfnMjn6yAS8Do7s1zorvfHAnPIw1BwzVUtcZvVzV/i0VykX1lNm+xaTFxHooe8CiOUA=
x-served-by
cache-ewr18148-EWR
accept-ranges
bytes
last-modified
Thu, 17 Mar 2022 08:48:50 GMT
server
AmazonS3-br
x-timer
S1647594751.504771,VS0,VE0
etag
"598e2c287a5de752b20a02bdb448aabd"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
22C87XAY11GCRCV3
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
106
cmOsUnit.css
vidstat.taboola.com/vpaid/units/31_4_3/assets/css/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_4_3/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
04c92da639b83f3954de1481055274f4dc6891364297dec15c0050a2e5c6dc13

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 varnish
age
87660
x-amz-meta-mtime
1647506980
x-cache
HIT
x-amz-meta-ctime
1647506981
x-amz-meta-mode
33188
content-encoding
br
content-length
8280
x-amz-id-2
vaTbdX2C6byp9oTfQf16en+3VXUE9seXKVIsnWdoSug50uIHHXI1pSOp269PETEMxMdn+I/G9DY=
x-served-by
cache-ewr18169-EWR
accept-ranges
bytes
last-modified
Thu, 17 Mar 2022 08:49:42 GMT
server
AmazonS3-br
x-timer
S1647594750.460848,VS0,VE0
etag
"19adad12972fe11c2c8a39a781625b6d"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
1GQHTQ7YWWM0DTH9
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
33976
sync
taboola-supply-partners.tremorhub.com/ Frame 65BC 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:4bb:825e:5e5f:d97a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 65BC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 65BC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27524

Redirect headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
301
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 65BC 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame 65BC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27771

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3151125353826941&correlator=761933701125407&eid=31065690%2C676982996%2C44759850&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_left_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&ifi=7&adks=1282380556&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=pos%3Dsky_left_top%26amznbid%3D1y4n2f4%26amznp%3D1m4mmm8%26adx_channel%3D20%26refreshCount%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26hb_bidder%3D33across%26hb_adid%3D1992e708ad15afa6%26hb_pb%3D0.38%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_kargo%3D1984f789ab1a69a8%26hb_pb_kargo%3D0.21%26hb_size_kargo%3D300x250%26hb_source_kargo%3Dclient%26hb_format_kargo%3Dbanner%26hb_skin_kargo%3Dfalse%26hb_adid_33across%3D1992e708ad15afa6%26hb_pb_33across%3D0.38%26hb_size_33across%3D300x600%26hb_source_33across%3Dclient%26hb_format_33across%3Dbanner%26hb_skin_33across%3Dfalse%26amzniid%3DIjMt_kss67JPd9JdKch3niMAAAF_nEzBOwEAAAv5AVU6_zY%26amznsz%3D300x600%26maxbid%3D0.41%26maxbidpk%3D1%26maxbid_bidder%3Dtia%26nobids%3Dfalse&eri=4&cust_params=article%3D2187999%26environment%3Dproduction%26country%3Dus%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26abv%3D4.1.93%26page%3Dart%26mvt%3DabeDetectionDelay_15s%252CclsMonitor_off%252Cpermutive_on%252CperfMon_off%252CscannerTrial_control%252Cfe_desktop_default%26bot%3Dfalse%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26session_page_ID%3Dnone%26utm_source%3Dnone%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dnews%26subarea%3Dnews%26session%3D1%26ias-bsp%3Dias_safe_positive_neutral_aus%252Cias_sales_visit_brighton%252Cias_sales_lottery%252CIAS_SAFE_GARM1%252Cias_sales_no_supermarkets%252Cias_sales_excl_covid%252Cias_safe_strict%252Cias_safe_sales_pm%252CIAS_Safe_Nov2021%252CIAS_SAFE_ClientKWblockingList_22%252F22%252CIAS_SAFE2%252Cias_safe%252CIAS_Custom%2520LB%2520List%252Cias_sales_summertime_19_ire%252Cias_sentiment_positive%252Cias_interest_sleep%252Cias_interest_travel_long_haul%252Cias_sales_book%252Cias_interest_family_parenting%252Cias_interest_travel_staycation%252Cias_interest_family%252Cias_shopping%252Cias_sales_skincare_jj%252Cias_sales_premium_brands%252Cias_interest_british%252Cias_celeb_royal_family%252Cias_interest_travel_holidays%252Cias_interest_travel%252Cias_emotions_positive%26permutive%3D10277%252C17312%252C55620%252C100596%252Crts%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26ptime%3D1647594748625%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26gdpr%3D0%26cmp%3Dccpa%26us_privacy%3D%26consent%3Dfalse&sc=1&cookie=ID%3D097f060fc0340404-224eb48ee8d10059%3AT%3D1647594749%3AS%3DALNI_MZ_UD2P51oOc_utcSpLP_g6XPX4Zg&cdm=www.dailymail.co.uk&abxe=1&dt=1647594750493&dlt=1647594747351&idt=1099&biw=1600&bih=1200&adxs=-42&adys=25&oid=2&ucis=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=www.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=350x62018&msz=350x250&fws=512&ohw=0&psts=AGkb-H8jfoF4fBAeUtXuXaGelz0cx3q1weShMb0d504442q9LVKbhOA6XR4kMvkf26MkQWlb1xYbIOKPoozftmVIxgj3J94a&ga_vid=1144404248.1647594748&ga_sid=1647594749&ga_hid=361407818&ga_fc=true&btvi=0&a3p=EhUKBWluZGV4EgAYmP-y4vkvRQAAAAASGgoMaWQ1LXN5bmMuY29tGPz8suL5L0UAAAAAEh4KDmVzcC5jcml0ZW8uY29tEgAYjYKz4vkvRQAAAAASPgoKcHViY2lkLm9yZxIkZWJlNDVlMTUtN2VhOS00ZGE3LTljODQtZDQwZDAwMzBhYjRmGOn-suL5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
487ff18a671974fc4e07fd8b0a025435c9d2f8611cb98a6b76b61c2eea3322ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9254
x-xss-protection
0
google-lineitem-id
5847399795
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373656875
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3151125353826941&correlator=761933701125407&eid=31065690%2C676982996%2C44759850&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_right_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&ifi=8&adks=1767785551&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=pos%3Dsky_right_top%26amznbid%3D1y4n2f4%26amznp%3D1m4mmm8%26adx_channel%3D8%26refreshCount%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26hb_bidder%3D33across%26hb_adid%3D2006dcd3a198a35e%26hb_pb%3D0.43%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_sharethrough%3D141de20c9532cda5%26hb_pb_sharethrough%3D0.19%26hb_size_sharethrough%3D300x600%26hb_source_sharethrou%3Dclient%26hb_format_sharethrou%3Dbanner%26hb_skin_sharethrough%3Dfalse%26hb_adid_33across%3D2006dcd3a198a35e%26hb_pb_33across%3D0.43%26hb_size_33across%3D300x600%26hb_source_33across%3Dclient%26hb_format_33across%3Dbanner%26hb_skin_33across%3Dfalse%26amzniid%3DIrICk9IN9jy6i9Fz84N0l4sAAAF_nEzBOwEAAAv5AV8EuWM%26amznsz%3D300x250%26maxbid%3D0.43%26maxbidpk%3D1%26maxbid_bidder%3D33across%26nobids%3Dfalse&eri=4&cust_params=article%3D2187999%26environment%3Dproduction%26country%3Dus%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26abv%3D4.1.93%26page%3Dart%26mvt%3DabeDetectionDelay_15s%252CclsMonitor_off%252Cpermutive_on%252CperfMon_off%252CscannerTrial_control%252Cfe_desktop_default%26bot%3Dfalse%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26session_page_ID%3Dnone%26utm_source%3Dnone%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dnews%26subarea%3Dnews%26session%3D1%26ias-bsp%3Dias_safe_positive_neutral_aus%252Cias_sales_visit_brighton%252Cias_sales_lottery%252CIAS_SAFE_GARM1%252Cias_sales_no_supermarkets%252Cias_sales_excl_covid%252Cias_safe_strict%252Cias_safe_sales_pm%252CIAS_Safe_Nov2021%252CIAS_SAFE_ClientKWblockingList_22%252F22%252CIAS_SAFE2%252Cias_safe%252CIAS_Custom%2520LB%2520List%252Cias_sales_summertime_19_ire%252Cias_sentiment_positive%252Cias_interest_sleep%252Cias_interest_travel_long_haul%252Cias_sales_book%252Cias_interest_family_parenting%252Cias_interest_travel_staycation%252Cias_interest_family%252Cias_shopping%252Cias_sales_skincare_jj%252Cias_sales_premium_brands%252Cias_interest_british%252Cias_celeb_royal_family%252Cias_interest_travel_holidays%252Cias_interest_travel%252Cias_emotions_positive%26permutive%3D10277%252C17312%252C55620%252C100596%252Crts%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26ptime%3D1647594748625%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26gdpr%3D0%26cmp%3Dccpa%26us_privacy%3D%26consent%3Dfalse&sc=1&cookie=ID%3D097f060fc0340404-224eb48ee8d10059%3AT%3D1647594749%3AS%3DALNI_MZ_UD2P51oOc_utcSpLP_g6XPX4Zg&cdm=www.dailymail.co.uk&abxe=1&dt=1647594750496&dlt=1647594747351&idt=1099&biw=1600&bih=1200&adxs=1292&adys=25&oid=2&ucis=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=www.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=350x62018&msz=350x250&fws=512&ohw=0&psts=AGkb-H8jfoF4fBAeUtXuXaGelz0cx3q1weShMb0d504442q9LVKbhOA6XR4kMvkf26MkQWlb1xYbIOKPoozftmVIxgj3J94a&ga_vid=1144404248.1647594748&ga_sid=1647594749&ga_hid=361407818&ga_fc=true&btvi=0&a3p=EhUKBWluZGV4EgAYmP-y4vkvRQAAAAASGgoMaWQ1LXN5bmMuY29tGPz8suL5L0UAAAAAEh4KDmVzcC5jcml0ZW8uY29tEgAYjYKz4vkvRQAAAAASPgoKcHViY2lkLm9yZxIkZWJlNDVlMTUtN2VhOS00ZGE3LTljODQtZDQwZDAwMzBhYjRmGOn-suL5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
3b7d7e137800a32fc732adbcf08c03731947d2a2e122eab23107832180d653f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19380
x-xss-protection
0
google-lineitem-id
5802149408
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138365786354
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3151125353826941&correlator=761933701125407&eid=31065690%2C676982996%2C44759850&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_left&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C350x300&ifi=9&adks=3570895540&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=pos%3Dmpu_left%26adx_channel%3D15%26refreshCount%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26hb_bidder%3Dpubmatic%26hb_adid%3D2311148ded2804e%26hb_pb%3D0.39%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_pubmatic%3D2311148ded2804e%26hb_pb_pubmatic%3D0.39%26hb_size_pubmatic%3D300x250%26hb_source_pubmatic%3Dclient%26hb_format_pubmatic%3Dbanner%26hb_skin_pubmatic%3Dfalse%26hb_adid_33across%3D232bbed5088872ee%26hb_pb_33across%3D0.38%26hb_size_33across%3D300x250%26hb_source_33across%3Dclient%26hb_format_33across%3Dbanner%26hb_skin_33across%3Dfalse%26amzniid%3DImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ%26amznp%3D1m4mmm8%26amznsz%3D300x250%26amznbid%3D1y4n2f4%26maxbid%3D0.41%26maxbidpk%3D1%26maxbid_bidder%3Dtia%26nobids%3Dfalse&eri=4&cust_params=article%3D2187999%26environment%3Dproduction%26country%3Dus%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26abv%3D4.1.93%26page%3Dart%26mvt%3DabeDetectionDelay_15s%252CclsMonitor_off%252Cpermutive_on%252CperfMon_off%252CscannerTrial_control%252Cfe_desktop_default%26bot%3Dfalse%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26session_page_ID%3Dnone%26utm_source%3Dnone%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dnews%26subarea%3Dnews%26session%3D1%26ias-bsp%3Dias_safe_positive_neutral_aus%252Cias_sales_visit_brighton%252Cias_sales_lottery%252CIAS_SAFE_GARM1%252Cias_sales_no_supermarkets%252Cias_sales_excl_covid%252Cias_safe_strict%252Cias_safe_sales_pm%252CIAS_Safe_Nov2021%252CIAS_SAFE_ClientKWblockingList_22%252F22%252CIAS_SAFE2%252Cias_safe%252CIAS_Custom%2520LB%2520List%252Cias_sales_summertime_19_ire%252Cias_sentiment_positive%252Cias_interest_sleep%252Cias_interest_travel_long_haul%252Cias_sales_book%252Cias_interest_family_parenting%252Cias_interest_travel_staycation%252Cias_interest_family%252Cias_shopping%252Cias_sales_skincare_jj%252Cias_sales_premium_brands%252Cias_interest_british%252Cias_celeb_royal_family%252Cias_interest_travel_holidays%252Cias_interest_travel%252Cias_emotions_positive%26permutive%3D10277%252C17312%252C55620%252C100596%252Crts%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26ptime%3D1647594748625%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26gdpr%3D0%26cmp%3Dccpa%26us_privacy%3D%26consent%3Dfalse&sc=1&cookie=ID%3D097f060fc0340404-224eb48ee8d10059%3AT%3D1647594749%3AS%3DALNI_MZ_UD2P51oOc_utcSpLP_g6XPX4Zg&cdm=www.dailymail.co.uk&abxe=1&dt=1647594750500&dlt=1647594747351&idt=1099&biw=1600&bih=1200&adxs=-42&adys=620&oid=2&ucis=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=www.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=350x62018&msz=350x300&fws=512&ohw=0&psts=AGkb-H8jfoF4fBAeUtXuXaGelz0cx3q1weShMb0d504442q9LVKbhOA6XR4kMvkf26MkQWlb1xYbIOKPoozftmVIxgj3J94a&ga_vid=1144404248.1647594748&ga_sid=1647594749&ga_hid=361407818&ga_fc=true&btvi=0&a3p=EhUKBWluZGV4EgAYmP-y4vkvRQAAAAASGgoMaWQ1LXN5bmMuY29tGPz8suL5L0UAAAAAEh4KDmVzcC5jcml0ZW8uY29tEgAYjYKz4vkvRQAAAAASPgoKcHViY2lkLm9yZxIkZWJlNDVlMTUtN2VhOS00ZGE3LTljODQtZDQwZDAwMzBhYjRmGOn-suL5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
f7d75e8b2a88004fd3b843bbe2be461c8a746c3d412582e251ae683a9cb71aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19364
x-xss-protection
0
google-lineitem-id
5800174260
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138375485717
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
taboola-supply-partners.tremorhub.com/ Frame EEE2 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:4bb:825e:5e5f:d97a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame EEE2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame EEE2
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27524

Redirect headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
297
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame EEE2 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame EEE2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27771

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
date
Fri, 18 Mar 2022 09:12:30 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame 6E3F 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js?bx_tracker=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstq4NgGvM0qc3UraS6PfxMESVRVvP27WcuU5gMwq_Z-x5OdL-3dWWZacQIDXy-pLnPWSKMGCRnJr3RbG8qfG9CDz8Deb25V30dlhhLg__wA4ZNJRE1ai8SsaRWichPKkHPyGWWLOGIdUSAaiiJivs1iz1WT_WDZYyJT4WclY9jMeUW7FWKMOIdzlLZATZLiw3ntdmVJdgmDHqK3_N6ve3F-lbpB-O-wyXxHafZVtRXYNBlf8PiU97xfMSxck9KP96xB2H1q1lGylu1XN-gWI26P4avgNJsKFIrAdvQOjzT-bniOEWqkyLpMoidwEBw3eJyFK6T8iMne4W6TIoxiTLD5_duVP1jZu0lOVg%26sig%3DCg0ArKJSzAq3ENYmXBmiEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
10079154e527bdf6a403e0b5ad9ac73e95ac886c5caf47e8b37b5c9147cd7d76

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:03:45 GMT
content-encoding
gzip
age
525
x-guploader-uploadid
ADPycdugrd47TvBqm2FTZMs4NnZWX8Se_46yieg3SY8FEUQNorQrg-zdWIPatAqSkCb1nisXDi9UsAeLE07bE7AmKWY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
539
last-modified
Thu, 25 Jul 2019 15:10:59 GMT
server
UploadServer
etag
"0cfef24c569b42826ee2e88465d4bfb6"
vary
Accept-Encoding
x-goog-hash
crc32c=DjYwig==, md5=DP7yTFabQoJu4uiEZdS/tg==
x-goog-generation
1564067459897939
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
539
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 18 Mar 2022 09:33:45 GMT
sd
us-u.openx.net/w/1.0/ Frame 17F5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YjRM-gAN66WnSAAy
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjRM-gAN66WnSAAy&_test=YjRM-gAN66WnSAAy
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjRM-gAN66WnSAAy&_test=YjRM-gAN66WnSAAy
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647594751.713490,VS0,VE0
x-served-by
cache-ewr18122-EWR
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjRM-gAN66WnSAAy&_test=YjRM-gAN66WnSAAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ac8f0708-4782-e019-f785-0a109b4055fb
pr-bh.ybp.yahoo.com/sync/openx/ Frame 17F5 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/ac8f0708-4782-e019-f785-0a109b4055fb?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:12e1:5652:a2dc:bd68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 17F5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=3848614c-d72e-7250-c652-1ce5641798b2&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttd_puid=3848614c-d72e-7250-c652-1ce5641798b2&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttd_puid=3848614c-d72e-7250-c652-1ce5641798b2&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttd_puid=3848614c-d72e-7250-c652-1ce5641798b2&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 17F5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTQyN2IyODYtMWU1OS0yY2Y0LWQzYjItNDY1Y2FlZjU1NmQy
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 17F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJi6WeOiMWIQUTfJ_csnBLs&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJi6WeOiMWIQUTfJ_csnBLs&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJi6WeOiMWIQUTfJ_csnBLs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 97D5
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7c645530-439f-430f-be08-f3bda86d545b
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7c645530-439f-430f-be08-f3bda86d545b
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1XWAHSQK43KC4Y1J0FT8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7c645530-439f-430f-be08-f3bda86d545b
Date
Fri, 18 Mar 2022 09:12:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 97D5
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=77c60781
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=77c60781
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
77NZZQRKP61G4T24ETNT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 3aa2aa1b7b816f70e94675c9a63f98d0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=77c60781
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
dUCkHZywYMqkhsUcvf81723QoJkmqbmYD24twpbjhFnGkGLo2j1fHg==
ecm3
s.amazon-adsystem.com/ Frame 97D5
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=5036F47B1E164C5B8C56BBC185A6E0FD&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=5036F47B1E164C5B8C56BBC185A6E0FD&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4FZQQH4879XX8XV5WB9J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
x-content-type-options
nosniff
server
openresty
location
https://s.amazon-adsystem.com/ecm3?id=5036F47B1E164C5B8C56BBC185A6E0FD&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Mar 2022 09:12:30 GMT
ecm3
s.amazon-adsystem.com/ Frame 97D5
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1h...
  • https://cs.emxdgt.com/umcheck?apnxid=6359460436251910749&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmV...
  • https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=6359460436251910749brt57461647594750670190ab
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=6359460436251910749brt57461647594750670190ab
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F50AC5FJD2M91X7Q3H34
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=6359460436251910749brt57461647594750670190ab
date
Fri, 18 Mar 2022 09:12:30 GMT
content-length
0
content-type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame E733 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
93187a7a0d003690c133a72afa93d2a969cbf893bade560caae6ece12e4073f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"02f03a6ac30551e3bec07cb3aa6048431"
timing-allow-origin
*
content-encoding
gzip
usermatch
ssum-sec.casalemedia.com/ Frame B8DD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cdd2f7a65b05d1ba61057ea77d11273bb6e2690cf4ec48adc2ca2fcd0e58c128

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|241|39|8|196|3|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 18 Mar 2022 09:12:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Length
1634
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
324
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 18 Mar 2022 09:12:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Connection
keep-alive
syncb
sync.bfmio.com/ Frame 1D45 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/syncb?pid=137
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.97.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-97-35.compute-1.amazonaws.com
Software
/
Resource Hash
7260560873862667d5bb393eee6cfbb0146c006ae3246633fe55199e68d5b07a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Length
1059
Connection
keep-alive
ecm3
s.amazon-adsystem.com/ Frame 0EA5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
  • https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=districtm
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=districtm
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
VTPVJ425DJH9GMTWZZPY
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.21.3
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=districtm
AN-X-Request-Uuid
7e70527a-c5e8-43bc-b4df-1340ca8d8b68
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 534E
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8297679604156303488&gdpr=0&gdpr_consent=
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8297679604156303488&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
0VHZ3FCZQQFHRR12CR1N
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

content-length
0
date
Fri, 18 Mar 2022 09:12:30 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8297679604156303488&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 6C9C
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7ff366859f2d121a&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbf6_kKU0-QMAVGcRAAAAAAA&expiration=1647681150&is_secure=true
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbf6_kKU0-QMAVGcRAAAAAAA&expiration=1647681150&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
0NTYW21STKWSB8WDA38S
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

server
nginx
date
Fri, 18 Mar 2022 09:12:30 GMT
content-length
0
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbf6_kKU0-QMAVGcRAAAAAAA&expiration=1647681150&is_secure=true
ecm3
s.amazon-adsystem.com/ Frame E2F9
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOzYnxtgS0gmtmBm_sZL1Y_x6vUXPfNI1IrGt9ng
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOzYnxtgS0gmtmBm_sZL1Y_x6vUXPfNI1IrGt9ng
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
16XR3EDHAXGYR5WKVVA5
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

P3P
CP="CAO PSA OUR"
Location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOzYnxtgS0gmtmBm_sZL1Y_x6vUXPfNI1IrGt9ng
Transfer-Encoding
chunked
Date
Fri, 18 Mar 2022 09:12:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
ecm3
s.amazon-adsystem.com/ Frame EAD8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3142368608644553920
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3142368608644553920
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
ZHKFD15JK8DHJPAJACSC
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
location
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3142368608644553920
content-length
0
date
Fri, 18 Mar 2022 09:12:29 GMT
index.html
cdn.districtm.io/ids/ Frame 5A99
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
116 B
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-type
text/html
cf-ray
6edcd8d7ac5d8c5d-EWR
age
24565
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 8e7c396366d89944c10dfabcfcb15b3c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
Qn9IunFTQKw8C8TQzOq3CNLVzZiqr4YZq0kGbKLtUCzQ1BONmRtiSw==
x-amz-cf-pop
EWR53-C2
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray
6edcd8d77be98c5d-EWR
cache-control
max-age=3600
expires
Fri, 18 Mar 2022 10:12:30 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame 7634
Redirect Chain
  • https://usr.undertone.com/userPixel/syncr?partnerid=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=4c54f48e0b62419f8f97f771c71e8375
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=4c54f48e0b62419f8f97f771c71e8375
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
38W4J784ZAA9DA48N691
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Fri, 18 Mar 2022 09:12:29 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=4c54f48e0b62419f8f97f771c71e8375
server
istio-envoy
x-envoy-upstream-service-time
0
Content-Length
0
Connection
keep-alive
/
match.sharethrough.com/jwumXNuB/v1/ Frame 72A6 		427 B
530 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6b612052fe19a706a356111a5c57e397c5877ce58afbeccbe6a26aaefab372dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B645 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32872
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:30 GMT
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame B104 		886 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.59.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-59-237.compute-1.amazonaws.com
Software
/
Resource Hash
642b7919b4dd8a499f2358366815609f1d0c362d3f2a68e420a2e6e33b8a936f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
usync.html
eus.rubiconproject.com/ Frame F30D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Mar 2022 09:12:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 90B6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wYWNJd1ZoRTJ1TDF3aDdsLnpBZWNMQ0xrYy5yNjNqSn5B
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wYWNJd1ZoRTJ1TDF3aDdsLnpBZWNMQ0xrYy5yNjNqSn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
CGE94DJKXDWWPVRT4KYR
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wYWNJd1ZoRTJ1TDF3aDdsLnpBZWNMQ0xrYy5yNjNqSn5B
age
0
server
ATS/9.1.0.33
ecm3
s.amazon-adsystem.com/ Frame 1CCD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
91KKJNC4SR2AGACDEKN2
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.21.3
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=6359460436251910749&ex=appnexus.com
AN-X-Request-Uuid
8a7b6bf7-b8e6-406d-b40b-2bec17db9daf
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
amazon
ap.lijit.com/beacon/ Frame 6F24
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a05e793ac9cd0643f4d02a1187b20684f58dd27fc2a47f9a9e78bfc13a6a789e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
text/html
Content-Length
1321
X-Sovrn-Pod
ad_ap3dca1

Redirect headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Content-Length
0
X-Sovrn-Pod
ad_ap3dca1
ecm3
s.amazon-adsystem.com/ Frame A1DB
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2230631680262455077259
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2230631680262455077259
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_dm_smrt_cnv_n-inmobi_n-amobee_dmx_n-smaato_n-undertone_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
7GB8H9YVZSGQ1HGSDGKV
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2230631680262455077259
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
PMS.js
vidstat.taboola.com/PMS/3.2.2/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_4_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 45abe1833dce03139cbfcdfadefbc17b.cloudfront.net (CloudFront), 1.1 varnish
age
1049792
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-ewr18169-EWR
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1647594751.692328,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
TX5pufruORL8DHp0lhp9HsFimkcWXdN6EebqsTZUjf1V32uE53V23A==
x-cache-hits
57546
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=fc90bebe-df0f-4783-9136-4dadff05fcca
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
i.js
tag.bounceexchange.com/4453/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/4453/i.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js?bx_tracker=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstq4NgGvM0qc3UraS6PfxMESVRVvP27WcuU5gMwq_Z-x5OdL-3dWWZacQIDXy-pLnPWSKMGCRnJr3RbG8qfG9CDz8Deb25V30dlhhLg__wA4ZNJRE1ai8SsaRWichPKkHPyGWWLOGIdUSAaiiJivs1iz1WT_WDZYyJT4WclY9jMeUW7FWKMOIdzlLZATZLiw3ntdmVJdgmDHqK3_N6ve3F-lbpB-O-wyXxHafZVtRXYNBlf8PiU97xfMSxck9KP96xB2H1q1lGylu1XN-gWI26P4avgNJsKFIrAdvQOjzT-bniOEWqkyLpMoidwEBw3eJyFK6T8iMne4W6TIoxiTLD5_duVP1jZu0lOVg%26sig%3DCg0ArKJSzAq3ENYmXBmiEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
a93124c27c88482f0039adb38cddb5c970f299d27eadb23679b9e9adbee0ba35

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:05 GMT
content-encoding
gzip
server
istio-envoy
age
25
etag
60a4b2832edcc
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public,max-age=60
x-envoy-upstream-service-time
0
x-region
us-central1
timing-allow-origin
*
alt-svc
clear
content-length
1681
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
usync.html
eus.rubiconproject.com/ Frame 8F33
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:30 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date
Fri, 18 Mar 2022 09:12:30 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
ecm3
s.amazon-adsystem.com/ Frame 72A6 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=89374ba2-b7ae-46bf-a2cf-9efa7854afd7
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZMVX23M7T5Z2SVMKG2P1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 72A6
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 72A6
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://b1sync.zemanta.com/usersync/sharethrough/
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTE...
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=hC9c_JxukxkuB_-lTGAw
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=hC9c_JxukxkuB_-lTGAw
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
P3p
CP="We do not support P3P header."
Location
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=hC9c_JxukxkuB_-lTGAw
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
136
Expires
Thu, 01 Dec 1994 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 72A6
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=898167d1-a69b-11ec-a277-16f784d60003
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=898167d1-a69b-11ec-a277-16f784d60003
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Server
nginx
Location
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=898167d1-a69b-11ec-a277-16f784d60003
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
392
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame 72A6
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr={GDPR}&gdpr_...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr={G...
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usersync
rtb.gumgum.com/ Frame E733
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=6359460436251910749
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=6359460436251910749
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4f65de34-f6c2-472b-b4f0-025389c6d653
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame E733
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_55e3ef01-907b-4e81-87c2-f443b724f20b&gdpr=&gdpr_consent=&us_privacy=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=9a7bcef6-93dc-4314-bf35-77a9997a608a&ssp=gumgum2&bsw_param=7c645530-439f-430f-be08-f3bda86d545b
  • https://rtb.gumgum.com/usersync?b=bsw&i=7c645530-439f-430f-be08-f3bda86d545b
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=7c645530-439f-430f-be08-f3bda86d545b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=7c645530-439f-430f-be08-f3bda86d545b
Date
Fri, 18 Mar 2022 09:12:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame E733
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28sIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_55e3ef01-907b-4e81-87c2-f443b724f20b&obuid=ENC(sIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DsIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=77c60781&obUid=sIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42
0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=77c60781&obUid=sIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.127 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:31 GMT
Cache-Control
no-cache
X-TraceId
77a2889679c43068cb922a131204ed03
Content-Length
0

Redirect headers

date
Fri, 18 Mar 2022 09:12:31 GMT
via
1.1 3aa2aa1b7b816f70e94675c9a63f98d0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=77c60781&obUid=sIOqCFQw7tv6PpKZPJo7C09gqztYZKBatflp5vZuHUitgK8gsnEGUfv1xQ3lcu42
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
nUgeR--b3o1s9-EuCHTtqNCSvN_Uh1WSRqZpl1eM3Ukk1FKcdzG0ng==
usersync
rtb.gumgum.com/ Frame E733
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=cf75c53c-ff3b-4a06-a129-0c08ac4799f4
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=cf75c53c-ff3b-4a06-a129-0c08ac4799f4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=cf75c53c-ff3b-4a06-a129-0c08ac4799f4
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame E733
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-371c9cd9-2321-407a-69db-82e264089b15$ip$96.9.249.42
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-371c9cd9-2321-407a-69db-82e264089b15$ip$96.9.249.42
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-371c9cd9-2321-407a-69db-82e264089b15$ip$96.9.249.42
Date
Fri, 18 Mar 2022 09:12:30 GMT
Connection
keep-alive
Content-Length
120
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame E733
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-IJNj.MhE2pd_mMdhNscg.6yGjfblSaFVsM9W~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-IJNj.MhE2pd_mMdhNscg.6yGjfblSaFVsM9W~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-IJNj.MhE2pd_mMdhNscg.6yGjfblSaFVsM9W~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame E733
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=8a1de752-a69b-11ec-92c5-fb53764b0872
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=8a1de752-a69b-11ec-92c5-fb53764b0872
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=8a1de752-a69b-11ec-92c5-fb53764b0872
Date
Fri, 18 Mar 2022 09:12:30 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
8a1de753-a69b-11ec-92c5-fb53764b0872
usersync
usersync.gumgum.com/ Frame E733
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=34B9E82E4748403EAA98BCED7FCDFCB4
35 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=34B9E82E4748403EAA98BCED7FCDFCB4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
107.23.24.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-24-80.compute-1.amazonaws.com
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
server
envoy
content-type
image/gif
cache-control
private, no-store, must-revalidate, max-age=0
x-envoy-upstream-service-time
5
x-region
virginia
content-length
35
expires
0

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=34B9E82E4748403EAA98BCED7FCDFCB4
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
596742616
access-control-allow-origin
*
content-type
text/plain
content-length
0
142
match.deepintent.com/usersync/ Frame E733 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
rtb.gumgum.com/ Frame E733
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_55e3ef01-907b-4e81-87c2-f443b724f20b&gdpr=&gdpr_consent=&us_privacy=
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVUEGOLDL5FHQ5LLPBVXKQS7FVWFIR2BO4
  • https://rtb.gumgum.com/usersync?b=zem&i=hC9c_JxukxkuB_-lTGAw
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=hC9c_JxukxkuB_-lTGAw
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&i=hC9c_JxukxkuB_-lTGAw
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
87
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E733
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
35 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
107.23.24.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-24-80.compute-1.amazonaws.com
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
server
envoy
content-type
image/gif
cache-control
private, no-store, must-revalidate, max-age=0
x-envoy-upstream-service-time
6
x-region
virginia
content-length
35
expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
date
Fri, 18 Mar 2022 09:12:31 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
merge
ce.lijit.com/ Frame E733
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1647594750949
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1670903602
  • https://sync.1rx.io/usersync/tradedesk/f67a371d-f285-4ca2-be6f-f2af79502cb4
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
  • https://ce.lijit.com/merge?pid=56&3pid=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:31 GMT
Server
Tengine
ETag
RX073943707cd44c12a40bb3d6434dcf48005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=56&3pid=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Connection
keep-alive
Content-Type
text/html
usersync
rtb.gumgum.com/ Frame E733
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=tHsVYykq6Lae&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=tHsVYykq6Lae&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=tHsVYykq6Lae&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-zt8zc
expires
-1
usersync
rtb.gumgum.com/ Frame E733
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=8297679604156303488&gdpr=0&gdpr_consent=
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=8297679604156303488&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=8297679604156303488&gdpr=0&gdpr_consent=
date
Fri, 18 Mar 2022 09:12:31 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E733 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_55e3ef01-907b-4e81-87c2-f443b724f20b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6NEY5AR99ZVVJ8560EG4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bulk
trc.taboola.com/dailymail-us/log/3/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dailymail-us/log/3/bulk?route=US%3ACH%3AV&lti=explore-more-header-ab-test_var&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
25
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1647594751.805516,VS0,VE25
x-served-by
cache-ewr18169-EWR
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame B104 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g51298f292f21f006546
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Y1D3SEYCPKPB1X9M02K9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame B104
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6359460436251910749&pn_id=an
0
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6359460436251910749&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a75bc89e-1b8d-4c85-8ee5-ca41a7eda6e3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5116486d-a2ad-4b2e-811a-08e151e20aa0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=6359460436251910749&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame B104
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=r2EHv60wUu60ZwO5qTEZuq83DL20ZFG6_GW655l5
  • https://ads.yieldmo.com/sync?userid=7c645530-439f-430f-be08-f3bda86d545b&pn_id=bsw&extinit=&gdpr=0&gdpr_consent=
43 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=7c645530-439f-430f-be08-f3bda86d545b&pn_id=bsw&extinit=&gdpr=0&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.210.194.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-194-11.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=7c645530-439f-430f-be08-f3bda86d545b&pn_id=bsw&extinit=&gdpr=0&gdpr_consent=
Date
Fri, 18 Mar 2022 09:12:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame B104
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=f67a371d-f285-4ca2-be6f-f2af79502cb4
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=f67a371d-f285-4ca2-be6f-f2af79502cb4
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.210.194.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-194-11.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=f67a371d-f285-4ca2-be6f-f2af79502cb4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame B104
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=IXpJUf0fTLpw23126tpzuWAJ-So
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=IXpJUf0fTLpw23126tpzuWAJ-So
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.210.194.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-194-11.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=IXpJUf0fTLpw23126tpzuWAJ-So
Date
Fri, 18 Mar 2022 09:12:30 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame B104
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=QKodMwjjXFVx&ev=1&pn_id=pp&pid=561118
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=QKodMwjjXFVx&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.0.59.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-59-237.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync-pp.ads.yieldmo.com/sync?userid=QKodMwjjXFVx&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 5A99 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 fb134201578e9706e0dd8abdab0f2abf.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
93391
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
6edcd8d87db28c5d-EWR
x-amz-cf-id
eAFQyvDpP0PzfMELvLEVR-hml06ux82vdQ9KWW3mKynTylzMM2bdbw==
expires
Sun, 20 Mar 2022 09:12:30 GMT
sync
sync.bfmio.com/ Frame 1D45
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=f67a371d-f285-4ca2-be6f-f2af79502cb4
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=f67a371d-f285-4ca2-be6f-f2af79502cb4
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
34.239.97.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-97-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Mar 2022 09:12:30 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=f67a371d-f285-4ca2-be6f-f2af79502cb4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame 1D45
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=49&redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D167%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.bfmio.com/sync?pid=167&uid=av-951e2293-d2ed-483f-a976-5bdc8a2c1514
0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=167&uid=av-951e2293-d2ed-483f-a976-5bdc8a2c1514
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
34.239.97.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-97-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Mar 2022 09:12:30 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=167&uid=av-951e2293-d2ed-483f-a976-5bdc8a2c1514
date
Fri, 18 Mar 2022 09:12:30 GMT
server
Apache-Coyote/1.1
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 1D45 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=d7a5f40113e0d3244ed6d5ba7c22ca6f471fd0b9&ex=bf.com
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YGVJ23YH59WXWG5DPKDY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
sync.bfmio.com/ Frame 1D45
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/beachfront/d7a5f40113e0d3244ed6d5ba7c22ca6f471fd0b9
  • https://sync.bfmio.com/sync?pid=157&uid=y-7TO2EhhE2pJO_pl9Xyni71_w1zgvwXJ6bhWlfgn9vg--~A
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=157&uid=y-7TO2EhhE2pJO_pl9Xyni71_w1zgvwXJ6bhWlfgn9vg--~A
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
34.239.97.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-97-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Mar 2022 09:12:30 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://sync.bfmio.com/sync?pid=157&uid=y-7TO2EhhE2pJO_pl9Xyni71_w1zgvwXJ6bhWlfgn9vg--~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
sync.bfmio.com/ Frame 1D45
Redirect Chain
  • https://www.storygize.net/ccm/ab07fd15-2039-48b6-b2a2-4c9d1869ba93
  • https://www.storygize.net/csr?r=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D178%26uid%3D5da0036c-9b6c-4679-84ff-2073e189b78a
  • https://sync.bfmio.com/sync?pid=178&uid=5da0036c-9b6c-4679-84ff-2073e189b78a
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=178&uid=5da0036c-9b6c-4679-84ff-2073e189b78a
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
34.239.97.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-97-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Mar 2022 09:12:30 GMT

Redirect headers

Location
https://sync.bfmio.com/sync?pid=178&uid=5da0036c-9b6c-4679-84ff-2073e189b78a
Pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length
0
expires
0
CookieSyncBeachfront
rtb.adentifi.com/ Frame 1D45 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncBeachfront?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D149%26uid%3D%24UID%0A
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.54.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-length
0
content-type
text/plain
ecm3
s.amazon-adsystem.com/ Frame 6F24 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=6c08c9107bed88b791eade9c&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DAZYNEPBBKB5TWX34YQS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 6F24
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=5sXF81LhMv9MWGJQujci&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=5sXF81LhMv9MWGJQujci&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=5sXF81LhMv9MWGJQujci&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT, Fri, 18 Mar 2022 09:12:31 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 6F24
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=6c08c9107bed88b791eade9c&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Server
MT3 4256 109297d master ord-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:29 GMT
merge
ce.lijit.com/ Frame 6F24
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1647594750954
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2119211828
  • https://sync.1rx.io/usersync/tradedesk/f67a371d-f285-4ca2-be6f-f2af79502cb4
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
  • https://ce.lijit.com/merge?pid=56&3pid=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:31 GMT
Server
Tengine
ETag
RX073943707cd44c12a40bb3d6434dcf48005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=56&3pid=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Connection
keep-alive
Content-Type
text/html
merge
ce.lijit.com/ Frame 6F24
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=znmAT1MDgfzc&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=znmAT1MDgfzc&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=znmAT1MDgfzc&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-vlh6k
expires
-1
merge
ce.lijit.com/ Frame 6F24
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Db16d13...
  • https://ce.lijit.com/merge?pid=16&3pid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=16&3pid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
date
Fri, 18 Mar 2022 09:12:31 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
usersync
rtb.gumgum.com/ Frame D4DB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4256 109297d master ord-pixel-x6 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=&gdpr_consent=
Expires
Fri, 18 Mar 2022 09:12:29 GMT
usersync
usersync.gumgum.com/ Frame E0B3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YjRM-gAN66WnSAAy&gdpr=&gdpr_consent=
35 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YjRM-gAN66WnSAAy&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.24.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-24-80.compute-1.amazonaws.com
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
content-type
image/gif
content-length
35
date
Fri, 18 Mar 2022 09:12:30 GMT
x-envoy-upstream-service-time
5
x-region
virginia
server
envoy

Redirect headers

server
Varnish
retry-after
0
location
https://usersync.gumgum.com/usersync?b=atm&i=YjRM-gAN66WnSAAy&gdpr=&gdpr_consent=
accept-ranges
bytes
date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 varnish
x-served-by
cache-ewr18122-EWR
x-cache
HIT
x-cache-hits
0
x-timer
S1647594751.828622,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 01A7 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81NWUzZWYwMS05MDdiLTRlODEtODdjMi1mNDQzYjcyNGYyMGI=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

content-type
image/png
date
Fri, 18 Mar 2022 09:12:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4646 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32872
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:30 GMT
vary
Accept-Encoding
/
hde.tynt.com/deb/ Frame 3AFC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
482f30de55f0667939ffc722514fb7c262fb51c7e29e0d87ac3b46410e4f461c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1802
date
Fri, 18 Mar 2022 09:12:30 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Fri, 18 Mar 2022 09:12:30 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usersync
rtb.gumgum.com/ Frame 1714
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=f67a371d-f285-4ca2-be6f-f2af79502cb4&t=1650186750
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=f67a371d-f285-4ca2-be6f-f2af79502cb4&t=1650186750
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Fri, 18 Mar 2022 09:12:30 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=f67a371d-f285-4ca2-be6f-f2af79502cb4&t=1650186750
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame B939
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:30 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Fri, 18 Mar 2022 09:12:30 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usersync
usersync.gumgum.com/ Frame 8DB9
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
  • https://ib.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=emx&i=$UIDbrt57461647594750670190ab
  • https://usersync.gumgum.com/usersync?b=emx&i=6359460436251910749brt57461647594750670190ab
35 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=6359460436251910749brt57461647594750670190ab
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.24.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-24-80.compute-1.amazonaws.com
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
content-type
image/gif
content-length
35
date
Fri, 18 Mar 2022 09:12:30 GMT
x-envoy-upstream-service-time
12
x-region
virginia
server
envoy

Redirect headers

Server
nginx/1.21.3
Date
Fri, 18 Mar 2022 09:12:30 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=emx&i=6359460436251910749brt57461647594750670190ab
AN-X-Request-Uuid
5aa8e85c-56c8-4f31-886b-45585d67be28
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
usersync
rtb.gumgum.com/ Frame 284E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YjRM-8Co8XgAAKuqQKkAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YjRM-8Co8XgAAKuqQKkAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Fri, 18 Mar 2022 09:12:31 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YjRM-8Co8XgAAKuqQKkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
3
X-SO-HostName
m-ad286.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng20.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":30,"gdpr":false,"ipv4":"96.9.249.42","key":"YjRM-8Co8XgAAKuqQKkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad286"}
X-SO-Key
YjRM-8Co8XgAAKuqQKkAAAAA
X-SO-IP
96.9.249.42
X-SO-Cluster-ID
30
X-SO-Upstream-ID
m-ad286
usersync
rtb.gumgum.com/ Frame 39C9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=5sXF81LhMv9MWGJQujci&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=5sXF81LhMv9MWGJQujci&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Fri, 18 Mar 2022 09:12:31 GMT Fri, 18 Mar 2022 09:12:31 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=5sXF81LhMv9MWGJQujci&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame B8DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:30 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B8DD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjRM-vslB2dqu-QqfshUQAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBctLpH6ScpLeSvtkdpucO0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBctLpH6ScpLeSvtkdpucO0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:31 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBctLpH6ScpLeSvtkdpucO0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B8DD 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8827NDN5N2S4H8ZH8EHG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B8DD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&expiration=1650186750&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&expiration=1650186750&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:31 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&expiration=1650186750&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame B8DD
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&expiration=1679130750
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&expiration=1679130750
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:31 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&expiration=1679130750
date
Fri, 18 Mar 2022 09:12:30 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame B8DD
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_62344cff31ce1&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_62344cff31ce1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_62344cff31ce1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:31 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:31 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_62344cff31ce1
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame B8DD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a41e6234-4cfd-4600-9afd-9c92d96c3201
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:31 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:30 GMT
Server
MT3 4256 109297d master ord-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:29 GMT
crum
dsum.casalemedia.com/ Frame B8DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6359460436251910749
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6359460436251910749
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:31 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cee1489e-a9b8-4006-9f6e-bc373dfa917f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B8DD 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
09XTX83TRW3DWMHCA2CD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_4_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf5.cloudfront.net (CloudFront), 1.1 varnish
age
2835720
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-ewr18169-EWR
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1647594751.895144,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
vUwPi6ZY7tfbUeTSpsEYsGYefVWIRZ-QQTkf_M0OKAVs_ACz91n3lQ==
x-cache-hits
134527
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_4_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 a034e5b3e703810e3023d56d31897ebd.cloudfront.net (CloudFront), 1.1 varnish
age
1826834
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-ewr18169-EWR
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1647594751.895793,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
77z1jSwijThTjFkWSAV5LUstkKbnyW0lD5dqCM3tlxZBSB204vkFlw==
x-cache-hits
68999
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/ 		548 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_4_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7b675b91dd6159d9a10339f17876f5e114977f482278c51b9fbea5eff34e592e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:30 GMT
via
1.1 varnish
age
72857
x-amz-meta-mtime
1647521847
x-cache
HIT
x-amz-meta-ctime
1647521860
x-amz-meta-mode
33188
content-encoding
br
content-length
114912
x-amz-id-2
2OT4J76e9dAtws6sF0PNrJrhK7kP8eVZpVL/e/jJDvxJQxwkm43FsubBskbhbsOkOLnpOop5dVg=
x-served-by
cache-ewr18169-EWR
accept-ranges
bytes
last-modified
Thu, 17 Mar 2022 12:57:41 GMT
server
AmazonS3-br
x-timer
S1647594751.912992,VS0,VE0
etag
"78bb9500a56942e2a5c1364a0618646e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
0WYPJZX07VCDP909
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
69523
sync
us-match.taboola.com/ Frame E321 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_4_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
da2317c7c5198d128ded621353fbb62aa6e37bde50d39824f07dd36758dfae98

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:30 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3103
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202142035000/ Frame 7FFB 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
34378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61563
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 23:39:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"74cdf3878bfbef53"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 23:39:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 7FFB 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
34378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5733
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 23:39:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42a91727bcc93df1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 23:39:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 7FFB 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
34378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29577
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 23:39:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42f1ed997a28c2a2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 23:39:33 GMT
amp-bind-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 7FFB 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-bind-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
777084ea2ccd862864badac0230353fbf062018ae716fb2c267857cb9010b1b9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
309643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14496
x-xss-protection
0
server
sffe
date
Mon, 14 Mar 2022 19:11:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8883accefc7d66cc"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Mar 2023 19:11:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 7FFB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
34378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1873
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 23:39:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8e63b195883091b5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 23:39:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 7FFB 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
34378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13633
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 23:39:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c67c66f710e82a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 23:39:33 GMT
truncated
/ Frame 7FFB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3a112f2455d4d396b71da37b363793ed22bb9d4788fd5f0ceb590bbc3ab06d5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
942959389606644658
tpc.googlesyndication.com/daca_images/simgad/ Frame 7FFB 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/942959389606644658
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bef4b1ddab027d10ba46109c0a3227bdf956ef4c9ddb5c2ffd96f98afd26de23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 05:54:07 GMT
x-content-type-options
nosniff
age
11904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116202
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:41:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Mar 2023 05:54:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7FFB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:32:25 GMT
x-content-type-options
nosniff
server
cafe
age
2406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 19 Mar 2022 08:32:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7FFB 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:37:57 GMT
x-content-type-options
nosniff
server
cafe
age
84874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:37:57 GMT
l
www.google.com/ads/measurement/ Frame 7FFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkmea7WGDgtfv_Xjphr2EYzpQVpwp2wDoJSpnxT0wA0Ob03KRJ2g11peV68H3PybIp8vOhy8VnvOIpksm__WpqBaytkA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7FFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYVLw_kw0YuLIGoqVxAOUw7XwApfOu4lp3oPk3OUP3NkeEAEglLrQQ2DJ7o6LwKSMEKAByfX8-wLIAQLgAgCoAwHIAwiqBM4CT9DFICfx-CJOTcrFuW_r4lKhx_ymT0r2wB0HhMOI-CVhcl-n4Tm2sa7E9_AWNweT0Tpi0qkwboUEMFKfseIketh9B6ZrJf_ZvmsRG5H0JeU6X_DcWL13FQhiqDo1kR1DiLw_VAP340P4UrFKoXfVrQRf93GUx_zV_z_kEgIUKOBK0jPzxP5zwkrFioSQXfgpEWsokxYxZPJJ9OAnLg0mH77DUFevJ8f-NMBV-ML9f4RGZo9qcQoRuIm_thHzA4JFGPOwEz5Dnopu6PqgxQuQWNPjqirCCPKvgBehmYmqSmo8HMS2t1qWEjhSrbYqrFkM4HRl9jFTJiKn3C8DluNMvSyhXBaKeF-WA1umHCcjJx5s5ovNnkHJngqAJULlAxgix9xi5psuwngCFNFzkVSoqOtEdPBuZq9xxMh9UNFS7M91oFLBUz2D7_APGISKfcAE6vqJjcAD4AQBkgUECAQYAZIFBAgFGASgBgKAB4-htZwBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQx9wD0ggHCIBhEAEYHYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi02Mzg0Mzg1NzMxMDU1NjA1GISIHg&sigh=9V1PxGFd1bg&uach_m=[UACH]
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 7FFB 		225 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:00:06 GMT
x-content-type-options
nosniff
server
cafe
age
72745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14085932017949564970
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 18 Mar 2022 13:00:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7029 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIpJmCW0suYHxgYy162E0bt-hId6eJg1vL0QaWHHnCF-BfkhtOPbUEi71fjCAYF5_FiPc8J_Tz5HP8WPiR1euoIYexdnP8UMVZcTzF1hjlXx0C2upQ&sig=Cg0ArKJSzFhh44CcDTlXEAE&id=lidar2&mcvt=1174&p=928,318,1020,956&mtos=1174,1174,1174,1174,1174&tos=1174,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=712872917&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594749385&rpt=443&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
7068
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
XI+whDX/roXDH8yRfdUcj2tPYkeUp/lr/mkz1546GCfiTmf0LGgjVjOIrdX7p638tcD4jYmC04A=
x-served-by
cache-ewr18169-EWR
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1647594751.033976,VS0,VE0
date
Fri, 18 Mar 2022 09:12:31 GMT
x-amz-request-id
ZQRTS77ND5Q34KYM
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
71
x-cache-hits
331
usync.js
eus.rubiconproject.com/ Frame 8F33 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22117
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usync.js
eus.rubiconproject.com/ Frame B939 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22117
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		638 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/4453/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
864ebbab00ac567e9b899f90583c1bea831a9c95e65ac8320b17c75f77e8ea03

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:32:43 GMT
content-encoding
br
age
49188
x-guploader-uploadid
ADPycds-ck6bseCNQbU-yMMoYW31lxIwWx9Vy4FMHiIF0SCrRTtQustTRZQ4hVj4tOpFBB-8EHVLZVkDK1BAKTXPyM9PIRlQJQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
clear
content-length
127519
last-modified
Thu, 17 Mar 2022 19:32:38 GMT
server
UploadServer
etag
"26dc55bb13118070161aa3b6242506b1"
x-goog-hash
crc32c=QFcfzg==, md5=JtxVuxMRgHAWGqO2JCUGsQ==
x-goog-generation
1647545558230702
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
127519
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 17 Mar 2023 19:32:43 GMT
usync.js
eus.rubiconproject.com/ Frame F30D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22117
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
/
crta.dailymail.co.uk/ 		8 B
450 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.11 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
http-to-kafka/0.8.11
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Fri, 18 Mar 2022 09:12:31 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 8F33 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=L0W7DGRS-P-64GH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Content-Type
image/gif
vpaidAnalytics.js
vidstat.taboola.com/vpaidAnalytics/34/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaidAnalytics/34/vpaidAnalytics.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf35b9677033c1404fb8ed20a0418cfdd0773e01a3d805dff56f029556aab8d4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
via
1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront), 1.1 varnish
age
815221
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
2095
x-served-by
cache-ewr18169-EWR
last-modified
Thu, 25 Feb 2021 08:19:27 GMT
server
AmazonS3
x-timer
S1647594751.250141,VS0,VE0
etag
"3a0ede864a4643991e96f38f8461c1dc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5FhY0ZChutKXzje1cmmOA0BZofW1KVB0E_Y-Oxl_6VU-Ol0peS1Dhw==
x-cache-hits
69567
sync
taboola-supply-partners.tremorhub.com/ Frame 958F 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:4bb:825e:5e5f:d97a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 958F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame 958F 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 958F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28804

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
date
Fri, 18 Mar 2022 09:12:31 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame 958F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28804

Redirect headers

location
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
6206ce25-1aad-4e1e-95eb-277b14be7dbb
https://www.dailymail.co.uk/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/6206ce25-1aad-4e1e-95eb-277b14be7dbb
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
80a06235-321d-4f1f-986a-0110ae43ac82
https://www.dailymail.co.uk/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/80a06235-321d-4f1f-986a-0110ae43ac82
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7FFB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Fri, 18 Mar 2022 09:12:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ww.mjs
cdn.ampproject.org/rtv/012202142035000/ Frame 7FFB 		47 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/ww.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e0af78efbbb3fe37d28aa6ebbb09bb4a2cacc34c6e552d2783a0ac274d6d3cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
309643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13603
x-xss-protection
0
server
sffe
date
Mon, 14 Mar 2022 19:11:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f3d27810dccafe90"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Mar 2023 19:11:48 GMT
v1
ads.yahoo.com/cms/ Frame 8F33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0W7DGRS-P-64GH&sigv=1&esig=2~8144a222e1baac5dfed75856d7eff0cc6673d93c&gdpr=1&us_privacy=1---
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0W7DGRS-P-64GH&sigv=1&esig=2~8144a222e1baac5dfed75856d7eff0cc6673d93c&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0W7DGRS-P-64GH&sigv=1&esig=2~8144a222e1baac5dfed75856d7eff0cc6673d93c&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8F33
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V15JB9PTN9NYKGXMM0WY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZXWTZW3JMXKJY1DJ12QE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 8F33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0W7DGRS-P-64GH&gdpr=1&us_privacy=1---
0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0W7DGRS-P-64GH&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DAD9E7B8E0AE429DBCDF415577723405 Ref B: NYCEDGE1721 Ref C: 2022-03-18T09:12:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXaeovmnXscwwepHZuHdQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0W7DGRS-P-64GH&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8F33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OCWrorkGYl7Bdda46ymLbQ?csrc=&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3851859134504202246
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3851859134504202246
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
Content-Type
image/gif

Redirect headers

date
Fri, 18 Mar 2022 09:12:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3851859134504202246
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dcm
s.amazon-adsystem.com/ Frame 8F33
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6Y4EM7V19NP4ECE64NTQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SQRS8NJ83KE8VS8BBTVE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8F33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEAPdnAIGBJeFYsSus12_Om0&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEAPdnAIGBJeFYsSus12_Om0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEAPdnAIGBJeFYsSus12_Om0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 8F33 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8F33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBhMWU2MGNiODEwZGFjYjk3OTBiNzVjYjk4MzUyMWVlZDc0OTgwNw&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBhMWU2MGNiODEwZGFjYjk3OTBiNzVjYjk4MzUyMWVlZDc0OTgwNw&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBhMWU2MGNiODEwZGFjYjk3OTBiNzVjYjk4MzUyMWVlZDc0OTgwNw&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
data.cdnbasket.net/ 		100 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.65.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.65.190.35.bc.googleusercontent.com
Software
/
Resource Hash
85f0844011ea540bed4271dc1c1bcbc12505740a1046cb882cb081826d9a1520

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		57 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.69.52 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
52.69.201.35.bc.googleusercontent.com
Software
/
Resource Hash
f4db358b20d4155bdad9235f563f136e8c2d96b6345bcecb0530ba744688d717

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		57 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.69.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.69.201.35.bc.googleusercontent.com
Software
/
Resource Hash
d1528aa320627707c1f1084aa1358eed1b9d345f49b8c0f8b253d58af9a8cf93

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:31 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
container.html
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 41F7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:12:29 GMT
expires
Sat, 18 Mar 2023 09:12:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 3B03 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

x-guploader-uploadid
ADPycdsLGDN9a7rhYiQo3-4M-ziaTBDtQFMsa5ZvBcwk25vua5tzksmIsj80U1HHGUmYZyjkzdlcGRv_Zx4Ofen8vFc
x-goog-generation
1646075215809942
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
content-encoding
gzip
x-goog-hash
crc32c=rbV5Qw== md5=F+oNeszHtFxpWEp75KmB4w==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1055
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
server
UploadServer
date
Tue, 01 Mar 2022 02:19:46 GMT
expires
Wed, 01 Mar 2023 02:19:46 GMT
cache-control
public,max-age=31536000
age
1493565
last-modified
Mon, 28 Feb 2022 19:06:55 GMT
etag
"17ea0d7accc7b45c69584a7be4a981e3"
content-type
text/html; charset=UTF-8
alt-svc
clear
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 41F7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:52:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 07:52:19 GMT
css
fonts.googleapis.com/ Frame 41F7 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 07:21:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:31 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 41F7 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 01:18:05 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 41F7 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125995
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 01:18:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 41F7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 08:07:31 GMT
f6ed9f6b-c0da-4b62-8dac-373b1c1874ac
https://www.dailymail.co.uk/ Frame 7FFB 		47 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/f6ed9f6b-c0da-4b62-8dac-373b1c1874ac
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b52226ef3646df4d7f114d5bf96dfa97f78747f1b058dd45ff1837cdc49538f0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
47797
Content-Type
text/javascript
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
902899b8dd3a6b30f6bc1be0f39f48ce72d0c41357d8bf521cd86f58bb633b7e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame 0B82 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:11:53 GMT
expires
Thu, 16 Mar 2023 20:11:53 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
133238
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7B25 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:51:37 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2876
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
ya9YfHL2+h7kfbONwfwrmcSkc/1ucChMhuGuDG4Zdj9fLgY5e1BCrs/R9pQhKCogrzb/5nl7Dm4=
x-served-by
cache-ewr18169-EWR
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1647594752.624564,VS0,VE0
date
Fri, 18 Mar 2022 09:12:31 GMT
vary
Accept-Encoding
x-amz-request-id
590MJKFTE581ZB2H
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
71
x-cache-hits
1945
eid.js
cdn.taboola.com/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
11297
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
3dZW8+QHNVAjgs44KIsfEgaFMfU+rOpzAHa/0tfaLZzPrzE2yuwCSIDR/TnHWlPTvdWDjHKtcq0=
x-served-by
cache-ewr18169-EWR
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1647594752.624640,VS0,VE0
date
Fri, 18 Mar 2022 09:12:31 GMT
vary
Accept-Encoding
x-amz-request-id
E0S08ACXVTAWQV5S
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
71
x-cache-hits
4742
init1.js
api.bounceexchange.com/bounce/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=540&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWAdgFYBOM8o-czYALxCgAZMB3AUwCMdUwbgH1UAEyjFi5AMyYATtxwgANnDQYChNmwAe+AEw6F3GN3mL5UbAEMVK1AgDmwuPJVQAFsGAAHHACkMgCCAQYAYmHhnDEAdGI2qCoAngC2iSqxSCCxcADWUQjcnIERNvJoSCrcALQG+AAcpJQtUQDqSSo1+MQNqTUAom4gALKd6Ag4NWA2SHm+IMA1nI5F8jU4nuW1MCAViLUqGE41RzhLWyowNbzyi57mNancwLHeqSqYAG6oAsDC2RAeVQ3CgAVIACEwgYVL5oUFQgYDN4-KVZIjyBEwpjonEEkk0hksjl8tiIkUSmTwuVKtU6o1mq0DDiOvZur1+kM7mN7BMpjM5gslisEGsNltFDVdvsiqdjnLzjVLtdbvdHs9Xu8VPCDABhaHyeEhHUGcEAEWwICBILBkPNlutIlAIGEKnKTlBMDsOG4mF4vnYmBeAYA2gBdTC+YB4S2pXwOGzIEQwN1OKBAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
1ac74f438e79a6ee5459de59cd32aad65dcdb3183cde7fb0b83fc5d01e69c5b0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 09:12:31 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
10
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
events
api.permutive.com/v2.0/batch/ 		101 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=fc90bebe-df0f-4783-9136-4dadff05fcca
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4bd56ac0a5f443ad3ae27b91d0c8e85b67485227646d27205005b2ba9e4f4ff1

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
via
1.1 google
csi
csi.gstatic.com/ Frame 41F7 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l0w7dioo&c=1236404168693&slotId=618202084346.5&qqid=CMOn796oz_YCFckCaAgdg-YAaw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 41F7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 08:30:30 GMT
x-content-type-options
nosniff
age
88921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 17 Mar 2023 08:30:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 41F7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 14:35:30 GMT
x-content-type-options
nosniff
age
239821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 14:35:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41F7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C8n7l_kw0YsOwNMmFoPMPg82D2AaVoeP3aO-5mNO3D8_ptfDiJRABIJS60ENgye6Oi8CkjBCgAcq4i7AByAEFqAMByAObBKoE7QFP0PdQJtFqS_0Tx0Y7tTd7jH9Eu77mOhd9FC18w9lwWz9NxfkUNRA7pzFK1VfuJmYDzNCBUMQ8_WyxpHT4pp_Ys-vV-ucupgtleJIrSO2dFsNuuTB9wGUzaA1LMAR9UoPvEkXcTWCSGuqkRzsfN_LkF78tkGydhqw4KBN3oOsdF3d_l84NBJ9aDPctCFQnKd9tvEwsg-teiGHGdaaoKlBPV2myqw_OnZgJw5Ve6IOAnmJxTJJthJtWr-Fei1Y50NvO9SMSeV5BqfjqSy8lvOs5DafN0hy6ndjl0mf2PeeJA69DBLCCyl0RTRBIxvPABPa7o83wA-AEA5AGAaAGdoAHnsf0zwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBO8t8AO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1647594751712&ai=C8n7l_kw0YsOwNMmFoPMPg82D2AaVoeP3aO-5mNO3D8_ptfDiJRABIJS60ENgye6Oi8CkjBCgAcq4i7AByAEFqAMByAObBKoE7QFP0PdQJtFqS_0Tx0Y7tTd7jH9Eu77mOhd9FC18w9lwWz9NxfkUNRA7pzFK1VfuJmYDzNCBUMQ8_WyxpHT4pp_Ys-vV-ucupgtleJIrSO2dFsNuuTB9wGUzaA1LMAR9UoPvEkXcTWCSGuqkRzsfN_LkF78tkGydhqw4KBN3oOsdF3d_l84NBJ9aDPctCFQnKd9tvEwsg-teiGHGdaaoKlBPV2myqw_OnZgJw5Ve6IOAnmJxTJJthJtWr-Fei1Y50NvO9SMSeV5BqfjqSy8lvOs5DafN0hy6ndjl0mf2PeeJA69DBLCCyl0RTRBIxvPABPa7o83wA-AEA5AGAaAGdoAHnsf0zwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBO8t8AO0BMA2BMNiBQC2BQB0BUB-BYBgBcB
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 41F7 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Df3p76IDbGe94yMzHuCP-DBDhyWnLCFa5220kRaw6WDwWCE7Q3mom2uxysvUromJLzOriJ5-EEBA4-RbCa0xQLdAE5EQ&cry=1&dbm_d=AKAmf-DO7Udt_q30G1rZ6fs2TVJUa4CLI-k9jO02UDbZyScpZ5WWqS_6Yl936TH6kzn8MflWkKlOaDw8MVu5PDsp7bqa3yxL_h1ZQT_bCPYBUSM3pTkUiX7wTq7Wnr4X1Ucye_JqCQLy04mE6rCs3I4ZxRqYmZT_F13sc2dmcl1Nw2noOLgSJ8I6XerO809Xo4ZO-B-aoJ0lxSkdX_5EMOw9TxvTbfiwM1zsGqnsWmY4ZwFw5SjohZGciQ3da5SZ8jc4Jom1reIsPvJztMMf2YeEiWdZeTe4YgJOtd9Q8-dDUS-qVwMsuGVhAhxNLZNH3W_jb8zYIT0VXtfFTdiAmLs888QE8GOwLEggDstkqPlkEVI4wUZ7Z4d81uv-DZTsG1zPBY4tOT4cq9rDIsore-pc_-__mNyAxVgzxbQq1YiVLsohDeOMsycaKhwtNpcIWK2ZZKcXwA0wIhgWnefAOfkpAbK-JpuRp1wIk4izl_s2QhELbLqYQnLweUa8aEFejDyr2dehkltCE4M8CwlG6FXL50bTvs6d4oq2F0md2Cbjrpf-1Rq15wMRzcZtjejuJP6hjj0Fjk8LZ6xM-QqVpDijX1FuIY0j-n2-5xQSZTykZEz_W7DmAWWvD3BXIQs9UmUyQgSklEHPGbvzVdtj3rJ3yjvzjKjm7oe633709tIGY1YF9S5I08VhyYG5CUdzsXQPqHSVosOZs_MKki0u4l_lhcO6NALrr5gI6QSUI1U7fyZ4AaREm7oPeGPoQBRbArGPj-62wvyydIWMbIVBjKyRmUZXIZzKSl-YOeViGJ3s4eY8U60Iyy7LORAGJ55UZU1LYo6GXEuhqnpsGOKQzo9_8yvL32YHeEFm2YZLxAt89E1gPmwAnStng2gNcBfSTMvHdFGgSnf9CB7hpx1HykiOOwKrJ37OxoYCNL7y2j1aLsXDWCXJ7-7b_qwBhLHDidZjgsKT4cGU9q6qk1vuBenlsAge6UyYM0f2SRcar2yumLdpyU7nsRpkGwoHUxrOwXRwgW3En0HNarHkONxEmzEfV-eYlH8NokQ6wBxSOTnPh1YFIjML8kAHLSZiq6vdULZZ-BAv0M9UBDu0_ro5k1s6kXJe3w5o_kgNTokE_v-j1pdZqAiQMUa4YgRduZ8cwaYUmBEgyyH4b8_Ebwa10LSYORuKGPQ5F3SG9hTY_X-Fp9jf-vqNWjV-bylWYmxoNE2h5dwysErNPq1vY6WS4m7Wx0ftZzzSJ2tDna2oBlRL4SrEgzoKDEIWXYuCx1X3aDofh4HwlEjka6A3x7t-6dsfjfCaHNbAhiYZvyb4i1emcUpCmGwwuiM9gjMR9bZJEr4Ll54wgNBhG7yWgGZVveps8WNPDOj7qHDkoMMOnwRjk6YNK1NDPDfTJyEKL8jWFKRlz2Wn3RHyyWbjFct2X5xaPYGwavhCT1ZooYeSvnKDwPeD-DGNiOh6TslMWqJShLLliFATQlWWKvYNgAZKmYy9qxOP3b1w3ccW1xI_YhmZfF_KN_QViUwZRMbzqxzuiAjSwre6Yo-6T9oios0UeoIX_ZtvhjfonTb3VBo4RxWpsUHtPOS1mF8ZJ9SCQMw1wZewUVkl_QgBswKufxWuy8oW8xBPq606t87v7FV37KRg-7hWz0mGAkbuDs2dmcio2icwKWm5yu0y8wZSrdRoGg0H3TDHSNGnioWXgx_1KnUy5CgyWEnXbeA_HnO_gdqdOHFL0fQ9Er7503uT9MealJiT9pYCqdzsPCAGqf7FOVrpWa7y9EJFi9wT_npkHFIF1yLwvKlFYBL9JtNvbZ9YoOquU9ZMgIAn9oYaFas8F43VWHxmllnSSanWFSwusOsHdyc0FtYqyCx42N1gH0yk0Zyv4ZG0NxZEZHj6Tx6borWUCsq74evAMUrtMT8mIaQfBtbqWb8f0Um5K1r5i9OQQhPRq5sBxW1XunCA63GK3iS09i4Ms3jJXsy_bCKPoZ3QseTK0sADp9Pflzuow-vwk1Kl-AERwzQiY5UCoaWroLLTRKBxaZj4upAV3afrhlV7-LMkNr_Bgh3YOXx9vToJd1qhiXFzxxW4_olJOdf-hUVpQyrE0KLVnVePqRq3jozXINVk2_u2uWnRT5hFDAeF5UC5FiMX69QIiQGsgeFm1_MduCMY9c4qgHB6I2VKO1Q04DDx9jWb4XAR9iDDls35-__51_QY3-8o3KQJwnBQTlKVWcusT6DLlt5N0ZsXb4AGGz_48VAOLFAppc9uec4N8E9fBZmKUFNASZlxtaAUhHQ9AWik3CoNzpyCVVWluyIEuiiFLm2dTUSgr11e8XOVk0Zjiz6fiK4ALtau2Zn9WzggKWaedAtjFUpwZv5z0aETAq3E7_xkBEFzdLLYX4FYqgSgSuQ4Tvch23u9mXu6M--29A0Eys_Bx2peLPduyg_dUUIeTpXG8n8p6NkmEHC9IVaxobFtzTIh8fFI0SY9azUOGToi3dcGW6XnyJ9RutXwm7PpyHccZEutc9luyQuQprGw7lWAnVm5Kh83W0oSzuUdZep4jcVogX-2Khdhfr6PkOAKqVE55SJCgBp0o6ms0fyhAgDcV5s3cfr1_IPpiZlwNsgg5NuetoDWPrYE8p2R4RJVcuY2CC1aP2iQhCGvET6J-PBygdcmxhZaZ_A7d0q2A-GSmdcdx-LGP5gJmkZ-4OUxUkRmK9KlOKVpwT22aqrdwq9F-6PmvcuRGqSW8zZlEu5nuO52s72QxRX3vIsIVoghwEtxHZH8mIxFrmtLzqPD4v5FLIuYQU31zCdv2mVKY7pzR8tIVvIUn1NCevO03v-XGR57a-tfKwJgTYvuuOiMx1ha9gODL5mdqA7jMUAm_nlprXs7WUcUxqvvJs7HgMzjMQ4O3gkeXkzWA2HzKVhBeVOdhJ-V34KIEbMXFIiDPcFhAFjBSmRS9vfW5XdSGHoeZ8Xz_WzpNWO17CcG3fq7ul2jHi72Ym2qvv_JNv8k5064bwrQ1nH9eaCA3sZDdwBJXhWyoBus0Uz0tZlARCav45yUWmAhVJarpRPCmvNY2WTj_A4yltJfq4YHr9KfiOfIyM1gbbeOUfh71zOfbLq0o3T_Te5xZVPJB5ezRqmRVXEKe-gue7Lvgx4c9sHsEk1qlwnXux27ABGfpuvqqmsiBmMnV628QdhnhfCckD7Khhj5BS-dD1KxQ3Or_I94hWXDppOTmZwnD9s7dz_jmEQqcgspNU2vdLmdCWzdDnbXxkjoxlmRRszUyFzPco7W2RfzR1Ru8vGMUd_7-XPLrMui-FRpFRJUZiPiSF9LTDJ8xsM_OwROlybDiY4uvwwpMW-hUF1qC3mx-PvaG9QS4AUw9CCvjju6ZDRxvq09Jast5M9m5WzF6f2gTHOCqYFVMIAC_mozXyeypr1eN5yER03vaM6cU6le_Q&cid=CAASJORowlt1s59gUABx6A3QWbEntoDn2DYYNO4HlQtsX78cX-AiQA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
8eab1160c614b5b90d48a6177b77fdc413cddff8d5272ec2d14d4d2d32942665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15693
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 41F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUS5V_kw0YsOwNMmFoPMPg82D2AaVoeP3aO-5mNO3D8_ptfDiJRABIJS60ENgye6Oi8CkjBCgAcq4i7AByAEFqAMBqgTqAU_Q91Am0WpL_RPHRju1N3uMf0S7vuY6F30ULXzD2XBbP03F-RQ1EDunMUrVV-4mZgPM0IFQxDz9bLGkdPimn9iz69X65y6mC2V4kitI7Z0Ww265MH3AZTNoDUswBH1Sg-8SRdxNYJIa6qRHOx838uQXvy2QbJ2GrDgoE3eg6x0Xd3-Xzg0En1oM9y0IVCcp3228TCyD616IYcZ1pqgqUE9XabKrD86dmAnDlV7og4CeOnDeXP4e5sRNXKHLwsahO3u_x6dWu_SGHXdUMC844hAVEzV_M18KQ_P8fyfDSsPnONgSnJoq1fYNhMAE9rujzfAD4AQDiAWL1oPGOJIFCwgiEAEYAUjxxqIBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeex_TPAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEL7-BxjQ682_AdIIBwiAYRABGB2ACgPICwGwE7y3wA7IE-zu2d4D0BMA2BMNiBQC2BQB0BUBgBcBshceChwIABIUcHViLTYzODQzODU3MzEwNTU2MDUYhIge&sigh=0MUxy77KBSk&uach_m=[UACH]&cid=CAQSOwCNIrLMFfoaH4Qd0WgIY6AhkBjBmgloC731928o3nzmp9uauAx3X4LI1oyPj5o5eNwtDpUlOQlyE6j_&vt=10
Requested by
Host: d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
URL: https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pw.js
cdn.includemodal.com/ Frame 2347 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5823
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594752.825492,VS0,VE0
date
Fri, 18 Mar 2022 09:12:31 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
53
view
securepubads.g.doubleclick.net/pcs/ Frame 2347 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmXlEbYq9yq1l19UcrUTuCRj2eWTGbRJXI2tlCyhNXgpMUz0BcrGQQocWssYWAvV7tDRvusaULxoi2u77wCSBYopwRQR4W311vnF2UHIVo5zYZ5isvD8tnrr9VLE6HyjTlW_3_wo6RilRm64J959F_f7H6Cn0jFAwwE330FPy1lrC9nsjd7hvAdvemC5wcZuR1dcSSTczTNieLo_TE0mE40oGiumEEAuE7_FZKu3zMglLwfnwM8fhpspLy2kT7Nztvb2dNvYc4182NrW42uM9bG_Gir35JARlvAjndnf8Rcd5Sa_D0w3X0tSkaFqDQleTNSh4TYe3KUgw2Ndmhn1ZhtqGNrPPvT7bw78zzCg&sig=Cg0ArKJSzCfVZfTxvIfoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2347 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
2b6ae1270bd7f8130702084d1bd442e037be9b606cb030ea1960aaf3ba689e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27853
x-xss-protection
0
server
sffe
etag
"1161 / 908 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:12:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2347 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:31 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame 2347 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59316
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame 2347 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2907386859.Line%20Item%20ID.5801406709
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame 2347 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
0Q_KcNHkvHy3jhdOs4-6U3K_Us0rqCxkze-m_AtN2Pq2J8Zl08xEBQ==
expires
Fri, 18 Mar 2022 09:17:31 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
truncated
/ Frame 41F7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7689e94d4e6de66bd603ed3122c636b4fe7bf97917564e722b713ef53c13f44

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
480x270_MP4_4612158401457702697.mp4
video.dailymail.co.uk/video/mol/2022/03/16/4612158401457702697/ 		762 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://video.dailymail.co.uk/video/mol/2022/03/16/4612158401457702697/480x270_MP4_4612158401457702697.mp4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
last-modified
Wed, 16 Mar 2022 03:40:32 GMT
server
AkamaiNetStorage
etag
"05e8eaf6e8d7b7bd40d502fce0e1e1c8:1647402032.13946"
content-type
video/mp4
Content-Range
bytes 0-1180210/1180211
cache-control
max-age=3600
accept-ranges
bytes
Content-Length
1180211
expires
Fri, 18 Mar 2022 10:12:31 GMT
/
pips.taboola.com/ 		4 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-ewr18148-EWR
access-control-allow-methods
GET
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
c
ids.cdnwidget.com/ 		542 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=5604ceb247db0c641eef71e8a66dfd5d&SCH1=9de9974f14090f39cef126c76b3e5e50&GCS1=145215179&GCS2=MzBjYzcyNTMtZTUxNC00OTljLTg1YTktOWMyNDQxMGJjNmNlLmxvY2Fs&pe=false&wsid=4453&varID=0obs5&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4453%2C%22loadID%22%3A%22TokDb5rMkuLDZrI%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A5%2C%22IDStageStart%22%3A5%2C%22obsReqpage%22%3A161%2C%22obsReqdata%22%3A165%2C%22obsReqview%22%3A168%2C%22netComplete%22%3A467%2C%22IDStagePrefire%22%3A467%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.191.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.191.107.34.bc.googleusercontent.com
Software
/
Resource Hash
1c1c10b01ed43b1f0ce18f15416dc49b4dba27da8b4f64d4aa16ca730b5c9d68

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9768 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32871
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:31 GMT
vary
Accept-Encoding
creatives-base-styles.96663738.min.css
assets.bounceexchange.com/tag/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.96663738.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_cjs_min_09d9c98d004f83966c48cc77cdcf5d74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 05:30:48 GMT
content-encoding
gzip
age
790903
x-guploader-uploadid
ADPycdsbavX1lVsw9-Ij1irMEDkHnL9zfncrbULZRWFF6PM8BiIr4IWvGl5-M_OiKw0_6dGnhe2aBwgiX2u26TcNZ8CBhvR45A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6010
last-modified
Mon, 07 Feb 2022 14:51:25 GMT
server
UploadServer
etag
"b02b20e16378200891ef95dfe357cd77"
vary
Accept-Encoding
x-goog-hash
crc32c=0SBkxg==, md5=sCsg4WN4IAiR75Xf41fNdw==
x-goog-generation
1644245485313408
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
6010
accept-ranges
bytes
content-type
text/css
expires
Thu, 09 Mar 2023 05:30:48 GMT
visit
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLoATjyWRnUADnV1RnpJNgBlFAAzFCQQJ3pXd1UAMlAIGCQEeuR+pBxu8ChoCj4eNFN0BFgkUhw0yEhTYWo24xp6Ol26ASPGXhQyAE8ss9JGeIJGWAiD2kwEIWemyBB4ywBaakkJRcBTyz245F+klKWV+AFFFgQ8GRwgRMGBfgArFCJUwESC-AQ8V5IX5gNJNBC-eoEJCQWCvX6kVFoRkEMD48mkeq-GyZSBpZC-HKQRirLKkMa9aD9MAEUiwL6o3Q4SSqZjMSUTGVyhUgVHnFU6DU9CbxeCQbLAJogFA2SxgHCUFxKFwAEU1MDuBAiIAQjudNGo9WAkED8mMqvULnoeSjVRCgdAvDDcgjGmjsejqryzDVrGooWo1BQBBTxnzheopFMZcDq3Wm22z2eRwEJ2ul2ut3uj2er3eWzon2+fwBQJBYORkOhcIRSPIerRmOxEVx+MJmGJpPJ-SpNLpDKZmBZTPZv053N5eIFJOFosg4rDBcDKE21HDFcTpmAZeqz6LyZFuGgaAe+-7UEgtZAdBlbxCGv7pjGcZ-pWECgeGkIJkWaDxJBQGppI9BYdQWRlp+AEgOhqaBnI1AaHkbT0HssZyHIgIuGBYGVqQ8H4WmcaZvG4HxCgWRzCAaBorWAZFpItHqICf7vtRMnUMAP58eRVa8cp-EZshTquoZxEabpToukZbqdPAyDzNg0BXkIyA4OkmQ5NZiCoBg9nAMgECojgBRFKU5SVJIHm2d5MAWCgkDUkgWQ4Co-ADsw0gRV5WAwLwCCgPECCQOcph+jlYARBapidGa7LZMg0DkmAdyYL5tIILwOAahgBDQHc9KQEg5x3DlOAAKo1J0XU9QQfUDUNCByKNNTGBNCDdb12ADZgol+iNmBQG1tSQLFCBgCt3X9Ggi44CIACaZ3Sggl2oltOTXW8bA3TSET3fEUAGgosD1I0TL3bi7IoKQc0quoOjUD9qJfK82BQyIy1ZAQw0agIti9AglE4OUbQevjkb6Vmqg5nmnQ5XlePtbR9GMcx6isexcNzBgoBvCTnSIAAjrAWD5fjGo-L62BfDk4NiSqiGCYC9Ci+EWUoKYIAtf5mA4EdaByNTuXfCVvPTUg+U4NjNidHZuA2UgQA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdACYgzoCeAtu+kwGMA9k2QBregDsEJWiFS4YA9BAC0VAIwAOAOwBOA-QDqHdKo0AWLd1UBRNEICypmEMmFVAKxACxwIbiq8DCS0qiqhNjyagBmQgrI0qrobmDJQoSBUegxqgBGqAHYEOHcELhMeNzoAGSgkLAIiALImULcUPIwIHkqhJjEOgBCgwAideDQcEjCQmJwhDAAXhCYpABsFhMN04ggkgLY8YhxiSyIGqRUFtoamBo13EIsqwAMNfAQeYu4EDAsmAsFgArKQarAfv97psdMC9BZYRp1npXutXu8XrABH8AVdNnpQcDgVR4aRSNodFRtlMEFCHoQIABHZAQA44+41ZRwST4GBlTIgbjAaEIuGi7TEznobm4EDAGBQEqLNyYWVgMGYpSrFg1QhCNDYzCfPI1SY8zCtEpAA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
article_view
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/article_view?wklz=IYJwLglgxgNgpgXgKQHYBCSBMmkBYAMYAngA5xY4DMAghaJLOdlgMIXFkVI13jTxdMbbJDADmPbAHUIMGFnxIWOapQCMuABwBbBQFEAriAD2AWVkwIxgHYBnBQCtgUANYljYBQHcI163BAFWwALUCZ8YIh7THwAM2NwA39vCDBghRgbAHMAWkzbTxjQmFiFACMTNICFYPDQ6Px-ADcAgDp2wWFMI3kJWmxgsDASe0kAMSwxr2nWgBNgWSJtBZhWqGNWgxdJ-y9osfp+OBzMNU0UAE4ryZk5HI0dHMMTczkrOxynV3cwHJ8-AI5EJhHLxRL+PLZSEFHLFWI5CoeWogHLaOBgVqDbS9HBCCgQZZZJhUfqYQbDUb9CaYMYQOYrJYrNYbLaTCCTEgQAAek1sUGA8FmkxialxY3wmkmagArJNDowTmdLld7loWCwAGyUFD4XW66UAERYORQmnwAH1KBKuWdpa0HCQsp0KCQDGV5mBidxSSLMDkJaqACq673SlChxSYND4NQh5h47CzOB8kAQEiQGxcSSYAAKwAMvXwt1smYT+GlsrLRGTnpA8yIGTgoH8QqK4S8wAaVRqAvhiKqgRixlKMWeZgs7wa-38g-w1FmqeA1gUaGARDBreE+E5UDARjgrfwPjSKVi4QA4hOlzUAuFgLFawpuzF1gYSPAAOQNJQqdRaXQxF8bgeCk1itM62D5mkCRZqSejaIsCjUHIcDLkI1DWNB1gNjEaA2JuACS1hJnWcBwCQK4LHYEGYC4cBEF4CSzNEJJINKGCJgyyyyDRuwsWxBqoAaABk2jGEmCD4MJXhwGUtipHAECzAguC4NKlDCU0USpEpCBqBquAoNKFyGdK+kXPgGq6sJSZaVAinKZQmAGRc6kVpgJmUOo5yYMJJDAESWlwD4ylqMJthwAAjgYqH2bpvmwBAqFDASNbANoJB6QZRkmUZtrSsJiXJcAnItCA8k2AgYABRptnQIgszhcYRj2QgMllMJAXJQgBgRSAQA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex&bsw_user_id=7c645530-439f-430f-be08-f3bda86d545b
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex&bsw_user_id=7c645530-439f-430f-be08-f3bda86d545b
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&ssp=bouncex
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=7c645530-439f-430f-be08-f3bda86d545b
43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=7c645530-439f-430f-be08-f3bda86d545b
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=7c645530-439f-430f-be08-f3bda86d545b
Date
Fri, 18 Mar 2022 09:12:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cmp
events.bouncex.net/track.gif/ 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwBsALAOwCsAnBZYaQEyUBkokMCAFlhAMLhocfGBABSRgAZgeFihAATKPkksA7lABGEJLChIF+UqUoBmFgDckO5IZJ1aVEtUnFJqpVeD7DpxmWozSkpGWlNTQgAOckYWXCwAcygrKDUDIhZoAEcAVxhvdPNgABskTmQ0CGw8IjIqR3pI4mI2Us4sXCQLKAAnHXB8bATzTyRvfAVMkBye8Y1NFkTOfBzoHqA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0B82 		59 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&hl=en&iu=%2F424397508%2Fdm.chromelessvideo%2Fdm_dmnews_news%2Fpreroll&correlator=733271493044988&cust_params=length%3D0%26videoWidth%3D401%26videoHeight%3D225%26play%3D1%26embed%3Dfalse%26ttid%3D4612158401457702697%26domain%3Ddailymail%26flyaway%3Dfalse%26s%3Doff%26videoTitle%3DI_dont_know_what_a_woman_is_Candace_Owens_blasts_Rachel_Levine%26video%3DFox_News%26environment%3Dproduction%26pos%3Djw_preroll%26abv%3D4.1.93%26page%3Dart%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26bot%3Dfalse%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26session_page_ID%3Dnone%26utm_source%3Dnone%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dnews%26subarea%3Dnews%26session%3D1%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%2F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%20LB%20List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26permutive%3D%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26ptime%3D1647594748625%26gdpr%3D0%26cmp%3Dccpa%26us_privacy%3D1---%26consent%3Dfalse%26adx_channel%3D6%26refreshCount%3D0%26player%3Djwplayer%26channel%3Dnews%26context%3Dic_8717611%2Cic_9564594%2Cic_8240327%2Cic_1787551%2Cic_2782847%2Cic_2815204%2Cic_9189836%2Cic_3422137%2Cic_1840023%2Cic_9954675%2Cic_2592227%2Cic_6954336%2Cic_8826493%2Cic_1632258%2Cic_5442632%2Cic_0741318%2Cic_3830588%2Cic_9293312%2Cic_2891044%2Cic_5887407%26categories%3D%26hb_pb%3D0.75%26hb_cache_path%3D%2Fcache%26hb_uuid%3D7e3f0bc5-9ffa-41cd-8d5f-0cb263240409%26hb_bidder%3Drubicon%26hb_cache_host%3Dpg-prebid-server-aws-use1.rubiconproject.com%3A443%26hb_adid%3D2338afeb4316d205%26hb_size%3D401x225%26hb_source%3Dclient%26hb_format%3Dvideo%26hb_skin%3Dfalse%26hb_cache_id%3D7e3f0bc5-9ffa-41cd-8d5f-0cb263240409%26bc%3D0%26bc_diff%3D0%26hb_pb_rubicon%3D0.75%26hb_cache_path_rubico%3D%2Fcache%26hb_uuid_rubicon%3D7e3f0bc5-9ffa-41cd-8d5f-0cb263240409%26hb_cache_host_rubico%3Dpg-prebid-server-aws-use1.rubiconproject.com%3A443%26hb_adid_rubicon%3D2338afeb4316d205%26hb_size_rubicon%3D401x225%26hb_source_rubicon%3Dclient%26hb_format_rubicon%3Dvideo%26hb_skin_rubicon%3Dfalse%26hb_cache_id_rubicon%3D7e3f0bc5-9ffa-41cd-8d5f-0cb263240409%26maxbid%3D1%26maxbidpk%3D2%26maxbid_bidder%3Dtia%26amzniid%3DIn-JQzLtXFyQc8E_8IG2Oy4AAAF_nEzBHgEAAAv5BPW148w%26amznp%3D1bl222o%26amznsz%3D640x390%26amznbid%3Dv_lulpts%26oov%3Dfalse%26sz%3D401x225&description_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-10617827%2FCandace-Owens-USA-Today-decision-Bidens-trans-health-secretary-Rachel-Levine-women-year.html&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&scor=3480023471871021&sz=401x225&vid=4612158401457702697&vpa=auto&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&mpt=videojs&mpv=4.12.15&us_privacy=1---&sdki=44d&adk=3644757835&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=D3358268-20E8-4ED4-8EEA-A5837121F735&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nel=0&eid=44750822%2C44756711%2C44758347%2C44758374&dlt=1647594747351&idt=4418&dt=1647594751876&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&ged=ve4_td5_tt3_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
d47e40f1b0ecb71547a43e2d78800910c238bf00320f2c31fb653d6ccb7eb5a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5844
x-xss-protection
0
google-lineitem-id
5531887826,4753751685,5444844695
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138329649563,138311634286,138370705730
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Mar 2022 09:12:31 GMT
Cache-Control
no-store
Server
nginx
Connection
close
pixel.gif
px.moatads.com/ Frame 2347 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A21693274347%3A-&de=354129158021&t=1647594751897&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5064879769%26moatClientLevel2%3D2907386859%26moatClientLevel3%3D5801406709%26moatClientLevel4%3D138366224032%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D21693274347%26zMoatPS%3Dmpu_puff_10%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=2049789444&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:31 GMT
truncated
/ Frame 2347 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e5704f08fead301bb735a56a8358632b23d2ebc5e9e191d39fb9216153bfade

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 41F7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 23:39:42 GMT
file.mp4
r3---sn-ab5l6nzd.c.2mdn.net/videoplayback/id/4d3c8b833d0d4e73/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130751/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 41F7
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/4d3c8b833d0d4e73/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130751/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r3---sn-ab5l6nzd.c.2mdn.net/videoplayback/id/4d3c8b833d0d4e73/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130751/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-ab5l6nzd.c.2mdn.net/videoplayback/id/4d3c8b833d0d4e73/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130751/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1F319BF581EE5D2C959CC616C14CD896F6A9B973.8079E487EB76C2409EDF17C7F66A65544E021208/key/cms1/cms_redirect/yes/mh/AJ/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5l6nzd/ms/onc/mt/1647593599/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
2607:f8b0:401e:2b::9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1406521
Last-Modified
Wed, 12 Jan 2022 18:51:21 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 18 Mar 2022 09:12:32 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-ab5l6nzd.c.2mdn.net/videoplayback/id/4d3c8b833d0d4e73/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130751/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1F319BF581EE5D2C959CC616C14CD896F6A9B973.8079E487EB76C2409EDF17C7F66A65544E021208/key/cms1/cms_redirect/yes/mh/AJ/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5l6nzd/ms/onc/mt/1647593599/mv/u/mvi/3/pl/48/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 41F7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l0w7diox&c=1236404168693&slotId=618202084346.5&qqid=CMOn796oz_YCFckCaAgdg-YAaw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vmfc=15&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.19q
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame 2347 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 23:40:24 GMT
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame 2347 		0
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=752367
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfBNpUbjKy3m3OXKIMe1XEgqmN84DXArzvLRdHdRqJqrBWr0dFX93tsjSh8RJoPfTpoiMNs4ZrKou7pwUaDVb6QZ2spnOlVHA7k6SwPLSLd4%2B4l3mCCyXHt7sfi0vWtiyD1VZkUIpqVSn%2BsGCPYu%2FDoIAw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8e05e9f1811-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1uspsNmj4BzRsBpIny
5c675023-7c1e-41a5-b834-3d09297f9913
https://www.dailymail.co.uk/ Frame 2347 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/5c675023-7c1e-41a5-b834-3d09297f9913
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
getad
aax-us-east.amazon-adsystem.com/x/ Frame 2347 		50 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
Server
Server
x-amz-rid
687Q0ZRSJJPDCP8Q1397
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Length
50
PugMaster
image6.pubmatic.com/AdServer/ Frame 9768 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12245990&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6a97d13c1c5fbda6b4beef7802aab9a81ff332f4f75abba84973cc43799a6462

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:31 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame CCF3 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:39:43 GMT
expires
Fri, 17 Mar 2023 23:39:43 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
34369
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 2347 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2347 		49 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=55863995706537&correlator=2481877772994738&eid=31065547&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_10&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&ifi=1&adks=1839724902&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=in2w_key9001%3D1%26abv%3D4.1.93%26adx_channel%3D12%26amznbid%3D1%26amznp%3D1%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26hb_adid%3D2012b8b52d06d87b%26hb_adid_33across%3D2012b8b52d06d87b%26hb_bidder%3D33across%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_pb%3D0.38%26hb_pb_33across%3D0.38%26hb_size%3D300x600%26hb_size_33across%3D300x600%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.38%26maxbid_bidder%3D33across%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dmpu_puff_10%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D184%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--2---%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h_cqgz%26in2w_key7%3D842%26in2w_key8%3D184%252C185%252C186%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D15&eri=4&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594752078&dlt=1647594751750&idt=290&biw=1600&bih=1200&isw=300&ish=600&adxs=978&adys=2847&oid=2&ucis=8xxr7k3329lm&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x18&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594752&ga_hid=1227633496&ga_fc=true&btvi=1&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
4125c687283bfbd1fa8662aeb2e6396d8f3479c1f5d5155769a310f17d9e4b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17563
x-xss-protection
0
google-lineitem-id
5787369563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376929203
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 525E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:12:32 GMT
expires
Sat, 18 Mar 2023 09:12:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.js
static.criteo.net/js/ld/ 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:32 GMT
pw.js
cdn.includemodal.com/ Frame EA9C 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5823
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594752.144714,VS0,VE0
date
Fri, 18 Mar 2022 09:12:32 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
54
view
securepubads.g.doubleclick.net/pcs/ Frame EA9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBmmhku5D1U4HDieitqwdCmgDhVNzCx2I2Yvbq6TaYDnMJuD59SfxTz5ZrAT1EMC-5Yid6Lkf6ANsq88R3Ug5lRGkxm-eov7McJPtiQcphywkC2aW2hjncL9AiwEFgOQv_aW75zz34_Ig3O20AfMRv112O2cdrF_ZDkllg-YMT1JplD1QyJ-SLoeEfc8m6UwS3dmdolu8-6HXpB4AQ-T_crn39HcldLvGCgMmTWaq_ZdPEZ9y2cRxrI7qqnkTmSFbhTtywwj5MEVSo-nxPJPMhlhgtZwUPnKHyRiHicCkjQdvbCRLWh74JH10fFWSif3jBazsru7Nb8XMThyVeMHP1rN01wIj0dPO1pGFIGw&sig=Cg0ArKJSzKhRAhk_DRIlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EA9C 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
c5b378014548cbfe9f4b73a4d8b7e2124dfb3c0ee5d06148938e74682ab091be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27972
x-xss-protection
0
server
sffe
etag
"1161 / 203 of 1000 / last-modified: 1647554768"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:12:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA9C 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:32 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame EA9C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59315
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame EA9C 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2907386859.Line%20Item%20ID.5801406712
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame EA9C 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
1
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
ZThC2RoFYvRLvyc-jjcBTpo-wAWhREGBaq_LKoPSOSuKlmZf1AvXjw==
expires
Fri, 18 Mar 2022 09:17:31 GMT
match
c1.adform.net/serving/cookie/ Frame 4EE0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B93E2E12-AA9E-4220-8310-B08598FC53B9
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B93E2E12-AA9E-4220-8310-B08598FC53B9
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B93E2E12-AA9E-4220-8310-B08598FC53B9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B93E2E12-AA9E-4220-8310-B08598FC53B9
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9150
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
1 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 02:12:56 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va2pug006:0:357
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Fri, 18 Mar 2022 09:12:32 GMT
via
1.1 varnish
x-served-by
cache-ewr18122-EWR
x-cache
HIT
x-cache-hits
0
x-timer
S1647594752.185353,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 251D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug013:0:765
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4256 109297d master ord-pixel-x57 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Expires
Fri, 18 Mar 2022 09:12:31 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 439B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHbjAwN0VhSm9BQUF5YXAxcGlhUQ&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGn007EaJoAAAyap1piaQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8297679604156303488
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAGn007EaJoAAAyap1piaQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D8297679604156303488%26bee_sync_partners%3Dpp%252Cpm%2...
  • https://match.prod.bidr.io/cookie-sync?userid=8297679604156303488&bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGn007EaJoAAAyap1piaQ
42 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGn007EaJoAAAyap1piaQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 03:12:23 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug023:0:405
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGn007EaJoAAAyap1piaQ
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame B10E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug017:0:368
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Fri, 18 Mar 2022 09:12:31 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Fri, 18 Mar 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2219375
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame 8F70
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_174ff51fcf874097873f0
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_174ff51fcf874097873f0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug011:0:495
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_174ff51fcf874097873f0
content-type
image/gif
content-length
0
date
Fri, 18 Mar 2022 09:12:32 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 366C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IXpJUf0fTLpw23126tpzuWAJ-So
42 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IXpJUf0fTLpw23126tpzuWAJ-So
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 02:15:08 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug008:0:359
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 18 Mar 2022 09:12:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IXpJUf0fTLpw23126tpzuWAJ-So
Content-Length
159
Connection
keep-alive
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 3C69
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B93E2E12-AA9E-4220-8310-B08598FC53B9
42 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B93E2E12-AA9E-4220-8310-B08598FC53B9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.37.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-37-161.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif
content-length
42
server
Kestrel

Redirect headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
x-lat
va1pug015:0:613
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B93E2E12-AA9E-4220-8310-B08598FC53B9
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
Pug
simage2.pubmatic.com/AdServer/ Frame 027E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8af7dc84-a69b-11ec-9692-13cc52d00862
42 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8af7dc84-a69b-11ec-9692-13cc52d00862
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug001:0:383
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
server
Cowboy
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8af7dc84-a69b-11ec-9692-13cc52d00862
X-RealServer-NX
lga-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 2ADD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6edcd8e22b41d157-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1526
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6edcd8e16a7bd157-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 7057
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mXDI4agD1Nv8EU5&gdpr=0&gdpr_consent=
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mXDI4agD1Nv8EU5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug019:0:442
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 18 Mar 2022 09:12:31 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mXDI4agD1Nv8EU5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0cc57b327582b3ba9@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 15E7
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=656893234070
42 B
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=656893234070
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 00:21:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug010:0:450
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Length
0
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=656893234070
Pug
simage2.pubmatic.com/AdServer/ Frame 4877
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=5036F47B1E164C5B8C56BBC185A6E0FD
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=34B9E82E4748403EAA98BCED7FCDFCB4
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=dda93a40-6aab-4712-aa91-e6ce437f8a4e
42 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=dda93a40-6aab-4712-aa91-e6ce437f8a4e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug003:0:652
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 18 Mar 2022 09:12:32 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=dda93a40-6aab-4712-aa91-e6ce437f8a4e
Pug
simage2.pubmatic.com/AdServer/ Frame 1F65
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&rndcb=2430034661
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=7c645530-439f-430f-be08-f3bda86d545b&google_hm=N2M2NDU1MzAtNDM5Zi00MzBmLWJlMDgtZjNiZGE4NmQ1...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEApJARQHKVkopLUXnCYUbP8&google_cver=1&ssp=adconductor&bsw_param=7c645530-439f-430f-be08-f3bda86d545b
  • https://sync.1rx.io/usersync/bidswitch/7c645530-439f-430f-be08-f3bda86d545b?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
42 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 00:12:23 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug004:0:479
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Fri, 18 Mar 2022 09:12:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
ETag
RX073943707cd44c12a40bb3d6434dcf48005
Pug
simage2.pubmatic.com/AdServer/ Frame F25B
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7008811521702904394&uid=Q700881152170290...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7008811521702904394
42 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7008811521702904394
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug015:0:655
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Apache/2.4.6 (CentOS)
Content-Length
154
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7008811521702904394
X-Powered-By
PHP/7.3.33
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary
Accept-Encoding
Cache-Control
max-age=74605
Date
Fri, 18 Mar 2022 09:12:32 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9768
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uT4uEqqeQiCDELCFmPxTuQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=32870
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 18 Mar 2022 18:20:22 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
396846.gif
idsync.rlcdn.com/ Frame 9768
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6d8e1e2a-1a69-4430-992b-9c165d8cf96a
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6d8e1e2a-1a69-4430-992b-9c165d8cf96a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6d8e1e2a-1a69-4430-992b-9c165d8cf96a
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
SPug
image4.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a41e6234-4cfd-4600-9afd-9c92d96c3201
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
Server
MT3 4256 109297d master ord-pixel-x54 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:31 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjkzRTJFMTItQUE5RS00MjIwLTgzMTAtQjA4NTk4RkM1M0I5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 03:55:58 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug028:0:385
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMQyr0Y-b31ptkPzhP9QG9k&google_cver=1
42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMQyr0Y-b31ptkPzhP9QG9k&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:00:53 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug029:0:372
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMQyr0Y-b31ptkPzhP9QG9k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
42 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 03:59:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug030:0:370
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Mar 2022 09:12:32 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3142368608644553920&gdpr=0&gdpr_consent=&us_privacy=
1 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3142368608644553920&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 00:12:35 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug009:0:426
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3142368608644553920&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f67a371d-f285-4ca2-be6f-f2af79502cb4
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f67a371d-f285-4ca2-be6f-f2af79502cb4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug016:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f67a371d-f285-4ca2-be6f-f2af79502cb4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
B93E2E12-AA9E-4220-8310-B08598FC53B9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9768 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B93E2E12-AA9E-4220-8310-B08598FC53B9?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:12e1:5652:a2dc:bd68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HGhXs79E2uW0DAzKEG_j.jNrvfwbf.4-~A&gdpr=0&gdpr_consent=
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HGhXs79E2uW0DAzKEG_j.jNrvfwbf.4-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 06:39:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HGhXs79E2uW0DAzKEG_j.jNrvfwbf.4-~A&gdpr=0&gdpr_consent=
date
Fri, 18 Mar 2022 09:12:32 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6359460436251910749&gdpr=0&gdpr_consent=
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6359460436251910749&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug019:0:461
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:32 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f1f5eca3-530c-42ee-b977-b6f2661e2f9c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6359460436251910749&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b9369c0ef15121c&is_secure=true&networkId=17100&version=1&nuid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbf6_kKU1DQN4Z-QLAAAAAAA&expiration=1647681152&nuid=B93E2E12-AA9E-4220-8310-B08598FC53B9&...
42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbf6_kKU1DQN4Z-QLAAAAAAA&expiration=1647681152&nuid=B93E2E12-AA9E-4220-8310-B08598FC53B9&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug005:0:424
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbf6_kKU1DQN4Z-QLAAAAAAA&expiration=1647681152&nuid=B93E2E12-AA9E-4220-8310-B08598FC53B9&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HfRKWB-lHwkG8k5eG6RUXR2iQVoG8RxdTvBa4IRM
42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HfRKWB-lHwkG8k5eG6RUXR2iQVoG8RxdTvBa4IRM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug018:0:506
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HfRKWB-lHwkG8k5eG6RUXR2iQVoG8RxdTvBa4IRM
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8a1de752-a69b-11ec-92c5-fb53764b0872&gdpr=0&gdpr_consent=
1 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8a1de752-a69b-11ec-92c5-fb53764b0872&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug018:0:403
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8a1de752-a69b-11ec-92c5-fb53764b0872&gdpr=0&gdpr_consent=
Date
Fri, 18 Mar 2022 09:12:31 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
8ae68ee6-a69b-11ec-a075-c7b85425fa6c
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 9768 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.54.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-length
0
content-type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&ssp=pubmatic&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c645530-439f-430f-be08-f3bda86d545b&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c645530-439f-430f-be08-f3bda86d545b&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug003:0:667
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c645530-439f-430f-be08-f3bda86d545b&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Mar 2022 09:12:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 9768
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_ECEB475D_E7E4EC2A&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Server
204.2.255.233 Newark, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-330581552; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:32 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-330581552; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug017:0:436
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug014:0:401
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9768
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6486416200911656969
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6486416200911656969
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 02:15:08 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug008:0:398
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6486416200911656969
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sa
ted.dailymail.co.uk/s/ 		65 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ted.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a88::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
55d94347ffb0b15c7fc206c28174366ab659827921195086bafcf394111c74ba

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-a1-fe.hsk.mol.dmgt.net:8180
sa
t.dailymail.co.uk/s/ 		65 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
00a8f0ddc991d9e69d41d8b1864f95b18409e9f54682175687210bacc0c21549

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-c4-fe.rdg.mol.dmgt.net:8180
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame CCF3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 23:39:41 GMT
file.mp4
r3---sn-ab5l6nzd.c.2mdn.net/videoplayback/id/4d3c8b833d0d4e73/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130751/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 41F7 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-ab5l6nzd.c.2mdn.net/videoplayback/id/4d3c8b833d0d4e73/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130751/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1F319BF581EE5D2C959CC616C14CD896F6A9B973.8079E487EB76C2409EDF17C7F66A65544E021208/key/cms1/cms_redirect/yes/mh/AJ/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5l6nzd/ms/onc/mt/1647593599/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:401e:2b::9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
77b79363fa6608ffee75711cae147bebdc34b23d7863a25c30c175edeaaa7de3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1406520/1406521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1406521
expires
Fri, 18 Mar 2022 09:12:32 GMT
last-modified
Wed, 12 Jan 2022 18:51:21 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame 41F7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l0w7dium&c=1236404168693&slotId=618202084346.5&qqid=CMOn796oz_YCFckCaAgdg-YAaw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F4d3c8b833d0d4e73%252Fitag%252F346%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1679130751%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F111502D0CA00FF50D27CD81022B4E8CEE1593E44.AD4D4C5B5B128A3196C8BBD091B0DA3399EEC32F%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm_:onejs_load_evt@v=242,onejs_exec_time@v=3,aax_load_time@v=231,aax_load_time_one_tag@v=231,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame 2347 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=242,onejs_exec_time@v=3,aax_load_time@v=231,aax_load_time_one_tag@v=231,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=9f01ecad-b47b-45da-a5de-da9595e4452f&session=5a4c7d42-6af2-43ae-b396-055f8b25de4f
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:31 GMT
x-amzn-RequestId
361975ac-388a-4422-b1d4-2fd4af0209a8
Content-Type
text/plain
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame EA9C 		0
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=589110
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1PoDpzjfb3a1s%2BoVjXC7bSNMb77fGJhls%2FdEPViBJ1Pp5tQ0rrYwkrQjMBQGUOrXmxGvPcXRDF8%2F8xfMOGryBcTpL9qjswpeUXSYOlO6ldivgFXlmKMRO9n1Lmlzte9X5axB7jeQdB%2BHZ%2Btg%2BeNA5HR2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8e1ac510ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1usqed_hyHO1UA4Y5S
pixel.gif
px.moatads.com/ Frame EA9C 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A21693276204%3A-&de=988862315112&t=1647594752252&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5064879769%26moatClientLevel2%3D2907386859%26moatClientLevel3%3D5801406712%26moatClientLevel4%3D138369571796%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D21693276204%26zMoatPS%3Dmpu_puff_20%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=202102217&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:32 GMT
truncated
/ Frame EA9C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a48dba3cc08ef65b3a05acba15a019bb4cf367772a41a85f8452defcf60e06bc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ Frame EA9C 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34360
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 23:39:52 GMT
8b8565e4-356b-4a67-9b74-68268a5f9bc5
https://www.dailymail.co.uk/ Frame EA9C 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/8b8565e4-356b-4a67-9b74-68268a5f9bc5
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
getad
aax-us-east.amazon-adsystem.com/x/ Frame EA9C 		50 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
Server
Server
x-amz-rid
21002K8HM0GG0XAJ0J8C
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Length
50
integrator.js
adservice.google.com/adsid/ Frame EA9C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EA9C 		49 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1432210398034083&correlator=1220435805459190&eid=31065691%2C21065724&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_20&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&ifi=1&adks=3166535583&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=in2w_key9001%3D1%26abv%3D4.1.93%26adx_channel%3D3%26amznbid%3D1%26amznp%3D1%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26cmp%3Dccpa%26consent%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26gdpr%3D0%26hb_adid%3D168a1a5cd625cdb4%26hb_adid_33across%3D168a1a5cd625cdb4%26hb_bidder%3D33across%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_pb%3D0.04%26hb_pb_33across%3D0.04%26hb_size%3D300x600%26hb_size_33across%3D300x600%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.04%26maxbid_bidder%3D33across%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dmpu_puff_20%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D189%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--2-52%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h52h--qgz%26in2w_key7%3D842%26in2w_key8%3D189%252C190%252C191%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D12&eri=4&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594752391&dlt=1647594752132&idt=222&biw=1600&bih=1200&isw=300&ish=600&adxs=978&adys=4731&oid=2&ucis=lwf0l1mkalwk&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x18&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594752&ga_hid=1357052886&ga_fc=true&btvi=1&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
1bba871951649ca3e426816d6268387300becc1349928bb4201ac3401184a343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17580
x-xss-protection
0
google-lineitem-id
5787369563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376929203
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E16 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:12:32 GMT
expires
Sat, 18 Mar 2023 09:12:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 41F7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D10645%26vmtime%3D92%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647594752554;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 41F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8n7l_kw0YsOwNMmFoPMPg82D2AaVoeP3aO-5mNO3D8_ptfDiJRABIJS60ENgye6Oi8CkjBCgAcq4i7AByAEFqAMByAObBKoE7QFP0PdQJtFqS_0Tx0Y7tTd7jH9Eu77mOhd9FC18w9lwWz9NxfkUNRA7pzFK1VfuJmYDzNCBUMQ8_WyxpHT4pp_Ys-vV-ucupgtleJIrSO2dFsNuuTB9wGUzaA1LMAR9UoPvEkXcTWCSGuqkRzsfN_LkF78tkGydhqw4KBN3oOsdF3d_l84NBJ9aDPctCFQnKd9tvEwsg-teiGHGdaaoKlBPV2myqw_OnZgJw5Ve6IOAnmJxTJJthJtWr-Fei1Y50NvO9SMSeV5BqfjqSy8lvOs5DafN0hy6ndjl0mf2PeeJA69DBLCCyl0RTRBIxvPABPa7o83wA-AEA5AGAaAGdoAHnsf0zwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBO8t8AO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=8nGxUEKH_1g&label=part2viewed&ad_mt=92&acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D10645%26vmtime%3D92%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647594752554
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 41F7 		0
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiQ_AlRc1cS1aa72PuiTCC5WhZu3xq47Hyfy-4cWvKD6hReh2ov0whmB4RHrFGSKlt0PQ9atKWreA36lX8x-IYWXSr_z1WKAkFfGINkjDHs_sGS7yFevudch2NcxGnEQwGnI8ePH0GULnTnKBlF65KIpgc-_B1XR_nNAYn4Ja_JmyDTdgGsP2ONvZBfLKAjVzlo_MGkZ5Uz4wZuDqLyWeAC_cLjlOdEzONJlp7hXwHz7-FJCYG376jb4MYXCXV_eWBZCr_K3GkL7gjEVTfNDoPv3KRZhxEYX3b2pLXkBxurQh7jjVqMX1f1BwwFwsVr4WnNKVlC77-mTGA0PL5E4hGK0YfNhp9X7NN2bi1lx-E0jI-PGvHXAQChsC8U9wRLO3VisdqAMoTpdSzKcC1xauMA_w99-9Sw64X9dVBGEKAWBQGFxxsdAq5W1Yk2B1WH0_RC8qYybpgHotav7oFz8Em4nXTwtw2V6_Ab0D41rA3YB-6f2o8Gk-Rgxfc4LFze_3QwWCnj-zOA6eLCj5WklyVRWGTw7dabwt9ENF4pw0TbrUS3Tm-RPLEGCPtEJN7vTwtO_s_Rib0_NPK-I6zyc-zVOrCPP15C2hwBkZEzYq78IquX8FmfPrdGD44x2MDxudUGtHVoGpnCGGLLaW1dTMDCxa5bi20eUdR2-wKWgURu-QUB0L2RiuL70neXv2c9XILsK63LBmm2htuMHww2wUk77d8wyNfC1CxBwxjhkhlHbPPYiiWJ9OKRJwMHcwSDo-AbWO0jsK0Gg9WbYCgLF3QK0zQ7tfoKZ3dBnO-jtpypZhPIY0pigTPO5Wwau2nasMiQhTtf99hxyBkT8pMvLabmc6apCXlVx80MoU9qYNuUtXqQ58A4pbI12tD16JP2mW9euBv15PI2bzPX0zquxYV9YD_fNxThRu58a0nLGALMkB6H1n4WDvb2r53pGkY6u3_RC4xJjnNAkNpscQNt6_qYTEJX4Xbl9QnfwEzze8D9LEdABweScIRzWqrIZhU7BYFv9lXEsLCfyykTVQbZJCNlr-2OK2Ei2Wt_KOG_C59gPZpPdJo9XZ2o3jrdsV_ruwSkKjkQFbx0hAVjcqsZ60zAPr5xTlYPEf7lCQIuegUjroahGmoO8TvlHG0RgQRRA&sai=AMfl-YRo_R08WSIKxYZWaqhoTOAa1giCM6JsM7xIgq3G50Ka5Dc7wDkWET7eIasB-o6X0iH2-v6ch7h6Rwn3ThSD3kIIn7GCziBSSpGb7I5pbMx3OjZUQ7gwNT3R4H6URvVYt5wg22CuA6X8-batGlZc82DE8lTxs-6zkPvkLv7C8vRP2aSyrnGo0dfTRMLXYcE6jZUsXHBWYrByMF1NXJln_g&sig=Cg0ArKJSzCDntZ15wfiiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 18 Mar 2022 09:12:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame 41F7
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=COeI_s0CEJ2UotACGNDrzb8BIAEwAQ&v=APEucNWLOBRmHNwsDlfKCEU22Lp--jZ6hRqZQHgVtMyIqZdpb8vXoFdRjBLRnTNk1lBiJwYeWSPi-b-K478IRbaxef3j69UHuA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBctLpH6ScpLeSvtkdpucO0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBctLpH6ScpLeSvtkdpucO0&google_cver=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:32 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBctLpH6ScpLeSvtkdpucO0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41F7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame 41F7 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D10645%26vmtime%3D92%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647594752554;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 41F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEbE72o5hgZyfKvwTArgdHPGbnzBr5Fn42qHw6GBhUAgQupo_KlirGzmzWKmWKH1aIqEy3OdPf97sCoSmh6wEM9N_z7xICTI685D65-E1xP0Vk7xA&sai=AMfl-YTdcf9K5oUzbmVtcPE50FHPZMXpWzGFZoGP1UYasWxCctUF7yCypBsw2DpxHhJzfgieI-4l_RQMXUw8b3BvA8viqCiGzbxmHzCFgiw7gDzUlPrT_gZI6F-TqsA&sig=Cg0ArKJSzGmcz7bsydIgEAE&cid=CAASJORowlt1s59gUABx6A3QWbEntoDn2DYYNO4HlQtsX78cX-AiQA&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D10645%26vmtime%3D92%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1647594752554&avm=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 41F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8n7l_kw0YsOwNMmFoPMPg82D2AaVoeP3aO-5mNO3D8_ptfDiJRABIJS60ENgye6Oi8CkjBCgAcq4i7AByAEFqAMByAObBKoE7QFP0PdQJtFqS_0Tx0Y7tTd7jH9Eu77mOhd9FC18w9lwWz9NxfkUNRA7pzFK1VfuJmYDzNCBUMQ8_WyxpHT4pp_Ys-vV-ucupgtleJIrSO2dFsNuuTB9wGUzaA1LMAR9UoPvEkXcTWCSGuqkRzsfN_LkF78tkGydhqw4KBN3oOsdF3d_l84NBJ9aDPctCFQnKd9tvEwsg-teiGHGdaaoKlBPV2myqw_OnZgJw5Ve6IOAnmJxTJJthJtWr-Fei1Y50NvO9SMSeV5BqfjqSy8lvOs5DafN0hy6ndjl0mf2PeeJA69DBLCCyl0RTRBIxvPABPa7o83wA-AEA5AGAaAGdoAHnsf0zwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBO8t8AO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=8nGxUEKH_1g&label=vast_creativeview&ad_mt=92&acvw=sv%3D20211103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D10645%26vmtime%3D92%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1647594752554
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 41F7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l0w7dj35&c=1236404168693&slotId=618202084346.5&qqid=CMOn796oz_YCFckCaAgdg-YAaw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&dm=10000&event_name=first_play&asset_bytes=218100&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1ru~videopreviewstarted.1rw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pw.js
cdn.includemodal.com/ Frame 5920 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5824
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594753.646897,VS0,VE0
date
Fri, 18 Mar 2022 09:12:32 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
55
view
securepubads.g.doubleclick.net/pcs/ Frame 5920 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8_O4Bzb816un1xhtqpf752bwccUhSY9DZuA-B0QdqagjuqDZiijgQwBq5x2X73NMdxdbRLZFNBmC9mwFYmZ7X1QcJxwlpSpl0miSEStTZtm6VxG2HCOs0TxHXXT2M5CIe9nv2jlIQfCVn_tXDe2I7jcQWCbeJqFERnn6XHFxbKN8S-RcplP5sE7nsQsf7ykmwvBi5tZkcsxt1ykO9oarWHT2vvroFeZFSpNAMkOxTbrVGTd5RqLASpJDEDFfJX8LZnhystHT8MqW0e-mVBMRfqQt_dkNxex9R_jdgeUYApWP3ml7qAydLoFYhEvSgw-p0FUX1ToSoDRkHHFffDotGNnujOdYQJD2E9w&sig=Cg0ArKJSzFwdgMPvQsDjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5920 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
8cba6d61cdff0102d3f409cb17694bd820013877c2f1f9fc8724f6d020c927ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27844
x-xss-protection
0
server
sffe
etag
"1161 / 130 of 1000 / last-modified: 1647554768"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:12:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5920 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:32 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame 5920 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59315
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame 5920 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2907386859.Line%20Item%20ID.5800174260
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame 5920 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
1
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
pGBrCMWSNWXOz7MrTYOSw6Ba_iyvEYYPUePW9RwrmKy8Gk6ZmZgrBw==
expires
Fri, 18 Mar 2022 09:17:31 GMT
esp.js
oa.openxcdn.net/ Frame 2347 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 09:40:20 GMT
content-encoding
gzip
age
257532
x-guploader-uploadid
ADPycdtB7ppzsE7Kvtw3yaCr8M9mT0RcXU4rd0Ta9KzgOiurCyq9JNG_3Tamn5LlmjBc-UDXw0emzZzMQVOcLlmwyZY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 15 Mar 2023 09:40:20 GMT
googleESP.js
js-sec.casalemedia.com/um/ Frame 2347 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/googleESP.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ce5d3d6ec0557a963ab2bb4df4d2bf46282b75db6493c955b77255a8396630c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 19:23:40 GMT
Server
Apache
ETag
"e20064-9e5-5d8279649fb38"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
1174
pw.js
cdn.includemodal.com/ Frame A900 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5824
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594753.703258,VS0,VE0
date
Fri, 18 Mar 2022 09:12:32 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
56
view
securepubads.g.doubleclick.net/pcs/ Frame A900 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOB9ubAFN9_qN4FmHXaeJUtfT-2fHB26N3-fgcL-TkHrVCFicDoNjqwNBUdtJP_43Hoq7emoeFje56MCOiKvHE0kdi6wRaWt1cshFGGO3_N07m9dI2i55khxR8HbAJzq-au1kJfQIoVPl4gwSoi0gOjdLsbRixCymJHQqAOVf0OS3xKjtdDAahiE5_X0nbf3-ZZRxcc7cjEEleDXYt3Y1qRcZmGNsBKcZ_4Wj-AbLCrcLQM5H9aLpo_sqeDRFp7UKBPgX1C40Yp7cMChRv62ZxGB9Be9z3rH9JICbAaXuwXWvx4K7VtAwTyM2cbSoIBWUZDtBz4P7TQvHjhTPWp2rWWW57Iyyc6wjXEo4_9Q&sig=Cg0ArKJSzIKsyVdjTj-dEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A900 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:32 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame A900 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59315
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame A900 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2904122127.Line%20Item%20ID.5787369563
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame A900 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
1
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
zrYi9pgVB6CMLXv9xuPYzLSEATdEhYiVUx3f4csK0No1y7ljICYUzA==
expires
Fri, 18 Mar 2022 09:17:31 GMT
cm_:onejs_load_evt@v=150,onejs_exec_time@v=1,aax_load_time@v=437,aax_load_time_one_tag@v=437,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame EA9C 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=150,onejs_exec_time@v=1,aax_load_time@v=437,aax_load_time_one_tag@v=437,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=cfab8352-529e-45ab-9fb8-03db3e80f7ab&session=f33440e8-7f7c-4cd5-a0fc-3fa16de1f993
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
x-amzn-RequestId
8cb12e07-f12d-469f-ba64-5127cce53c4d
Content-Type
text/plain
activeview
pagead2.googlesyndication.com/pcs/ Frame 7FFB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvThLieIl9-y3NG5536g9a26Dt6sReKI_YjbVz6FKWitP_GBN7ThOqorbue7y2GmfnRMEacqdoPwaJ3jwPQzbDyHaog6C_YOB66AJai7JrG2bTcq875vnk2fO1uTn7XxisMjeqt1OzzH84&sai=AMfl-YSL5oENgbz9GJ_2Ug6yYra-liBZH28eXVHPQ101j4cEygReX4vgyZGQpmIdIsWd-bkKL0MaKXb8A6-GARI7rREcMjXFnOgXNYI9epKMgE1wzq61ApF3yPrxCwI&sig=Cg0ArKJSzLidj7fAScDfEAE&cid=CAASFeRoO4df2R1_5G_fnaJ5g2io63cAeQ&id=ampim&o=315,197&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1125&mtos=0,0,0,1125,1125&tos=0,0,0,1125,0&tfs=499&tls=1624&g=100&h=100&tt=1624&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1804143546
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache
prebid-server.rubiconproject.com/ Frame 0B82 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cache?uuid=7e3f0bc5-9ffa-41cd-8d5f-0cb263240409
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-153.compute-1.amazonaws.com
Software
/
Resource Hash
59810106d2803e597e2887a7b8bcd1e343aa7e3e4c47a493baf6b96dd97f2009

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
4024
/
crta.dailymail.co.uk/ 		8 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.11 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
http-to-kafka/0.8.11
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Fri, 18 Mar 2022 09:12:33 GMT
integrator.js
adservice.google.com/adsid/ Frame 2347 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2347 		68 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=55863995706537&correlator=2481877772994738&eid=31065547&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_10&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250|300x600&ifi=2&adks=1839724902&sfv=1-0-38&ecs=20220318&ris=1&rcs=1&fsapi=false&prev_scp=abv%3D4.1.93%26adx_channel%3D12%26amznbid%3D1%26amznp%3D1%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26hb_adid%3D2012b8b52d06d87b%26hb_adid_33across%3D2012b8b52d06d87b%26hb_bidder%3D33across%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_pb%3D0.38%26hb_pb_33across%3D0.38%26hb_size%3D300x600%26hb_size_33across%3D300x600%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.38%26maxbid_bidder%3D33across%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dmpu_puff_10%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D185%26in2w_key15%3Do0%26in2w_key16%3D13%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--2-_c%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h_cqgz%26in2w_key7%3D842%26in2w_key8%3D184%2C185%2C186%26in2w_key9001%3D2%26in2w_key3%3Dadx842%26in2w_key12%3Doptimization&eri=5&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594752758&dlt=1647594751750&idt=290&biw=1600&bih=1200&isw=300&ish=600&adxs=978&adys=2847&oid=2&ucis=8xxr7k3329lm&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x36&msz=300x18&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594752&ga_hid=1227633496&ga_fc=true&btvi=2&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
dd3bc4d8f183582ee2854dc14b56a96cce80b8b65497a192a62f380a95c9f79d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21961
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame 5920 		0
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=1066811
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1lW%2Fi0fpq40uMECVADhUhJybzXBX%2Fc7fuocAmLur46o%2BEgATvLT67aP6Ur1VmWszD3iuVm4kndC6ji2d7QgtRlpwmONUHgjmqc5pGqlNehDJVojls3xw18ssTJjwAPvOJK1PJVXW%2FGUrGTNTRtcsc7U%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8e539600ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1ussmj7j7JafwIacfR
view
securepubads.g.doubleclick.net/pcs/ Frame EA9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst21kTJ6GeEYwqZRpMmSGShulYG7egBpeSMVHQsrMu-VJJDK_EIsLHVTi546-FEsGPZYEATcLl_cLKjiqkdQILBbXuZbLLRw7GN7a9gzKKtFuQFCVd-kevYr3VdCDtfzSclanBaOCaVeYoSWQJnORQtDx1ucJc8N7t852cROl3_p7Ksg4hZsTH_FV32TD_PqRF5cWD6WZv2YWPLQX21Ka1m-uSug7d08NmLcsPJ5WmZD9-ZJ2Z2VO3NVWUl1qVJcohgmIQS2a2XbWQvXtKy-7b-wo_ZwFv2W7-r2Jgq-R1fEem1iGbMH-O8_ZJjQ2VQPaF3n3D11pHTdCwPWUICVZMbz3PPpcajKkE5HNzmy-6N&sig=Cg0ArKJSzB7kIPGEHVVpEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Mar 2022 09:12:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EA9C 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e60c90875e9b5c5074f17ca9f1df61842b1200c46dbe9c0e3fce1fbb3dc64001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10454
x-xss-protection
0
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame A900 		0
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=163546
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gg%2Bxou8uhrkdY3zW9K4sa20OPlqUwlH532V0q9wJEvSpAEO6i%2B7Bwlm5N1cVkMJ7tNbJ%2Bp5PcW1XwNpD3PFkk1KxE5R%2BC6L29ixaLG6rOa8b6L4fHPnjYPm93SXwGesPgHPPrhekgWt0HBTv%2Fc9KmMWW8w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8e5597d0ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1ussrxaMtwc4UIacgB
pixel.gif
px.moatads.com/ Frame 5920 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A22026445361%3A-&de=477866358705&t=1647594752863&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5064879769%26moatClientLevel2%3D2907386859%26moatClientLevel3%3D5800174260%26moatClientLevel4%3D138375485717%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D22026445361%26zMoatPS%3Dmpu_left%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=848842383&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:32 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=MAILONLINE2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1647594748255&de=653648139255&rx=305135542903&m=0&ar=16e2d13da31-clean&iw=f4fab01&q=5&cb=0&cu=1647594748255&ll=2&lm=0&ln=0&em=0&en=0&d=5064879769%3A2907386859%3A5800174260%3A138375485717&cm=12&zMoatPS=mpu_left&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&bo=423397628&bp=22026445361&bd=mpu_left&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=22026445361&dfp=0%2C1&la=22026445361&gw=mailonlineprebidheader526476985912&fd=1&ac=1&it=500&pe=1%3A6335%3A6335%3A0%3A7697&iq=na&tt=na&jm=-1&fs=197504&na=1677646555&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:32 GMT
truncated
/ Frame 5920 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0378c4156fe83f27c9892063eeb7f233e662a90a2631884ea5d689eefd9e8889

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
bb0924e7-f01c-4f18-9ed8-79bf5ca30ccb
https://www.dailymail.co.uk/ Frame 5920 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/bb0924e7-f01c-4f18-9ed8-79bf5ca30ccb
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
pixel.gif
px.moatads.com/ Frame A900 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A21693274347%3A-&de=769284007854&t=1647594752906&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5064879769%26moatClientLevel2%3D2904122127%26moatClientLevel3%3D5787369563%26moatClientLevel4%3D138376929203%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D21693274347%26zMoatPS%3Dmpu_puff_10%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=1344766982&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:32 GMT
truncated
/ Frame A900 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2723f13a207a4020db32e8ed8360b42c82f96e453750e642104b913738fab7c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
8e5bcc63-16eb-44ff-9007-5dc451eacf8c
https://www.dailymail.co.uk/ Frame A900 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/8e5bcc63-16eb-44ff-9007-5dc451eacf8c
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
btXxJqnWClDtkAjBpZEd
asf-tm.everesttech.net/vast/ Frame 0B82 		43 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://asf-tm.everesttech.net/vast/btXxJqnWClDtkAjBpZEd?psId=3ULOuOEPIKm4jjXMIVZG&price=55FC6852F576BD07&bt=t&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&PG=F&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&tm_user_cntry=232&win_url=https%3A%2F%2Frtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net%2Frtb%2Fe.png%3Fe%3Dwin%26aid%3D253e6929850fcb43f736bb21ed8cc5e61753a6d7.1%26cp%3D2528462%26slot%3D1%26x_price%3D55FC6852F576BD07%26ets%3D1647594750008%26tz%3DAmerica%252FLos_Angeles%26source%3Drubicon%26fc%3D1%26fci%3D1%26country%3DUS%26region%3DNY%26mc%3D48%26ap%3D0%26ut%3D0%26vis%3DUNKNOWN%26site%3D3ULOuOEPIKm4jjXMIVZG%26bp%3D852940%26curr%3DUSD%26exr%3D1.0%26fid%3DbtXxJqnWClDtkAjBpZEd%26c%3D4118135257%26ccurr%3DUSD%26cuxr%3D1.0%26a%3D460649%26ca%3D721054%26st%3DINSTREAM%257CINSTREAM_VPAID2_DESKTOP%257CVPAID_JS%257CUNIVERSAL_VIDEO%26sh%3D225%26sw%3D401%26rid%3D4212%26mp%3D163%26psk%3D3ULOuOEPIKm4jjXMIVZG%26cfc%3D0%26cfci%3D0%26dur%3D30%26cityid%3D-1%26metroid%3D26%26countryid%3D232%26postalid%3D5349%26duration%3D30%26v%3D1%26auth%3D9jXHc7KxxVqydMJgxmnp5P1ncxQ%26x_r%3DNvs00w&auction_id=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&cd=%7B%22zip%22%3A%2214202%22%2C%22fbd%22%3A%7B%22ssb%22%3A%22F%22%2C%22psb%22%3A%22F%22%2C%22pd%22%3A%22dailymail.co.uk%22%2C%22mpw%22%3A%22401%22%2C%22mph%22%3A%22225%22%2C%22aburl%22%3A%22%22%7D%7D&didtype=UNK&tm_os_group=windows&tm_device_group=unknown&env=site&conn=unknown&q=H4sIAAAAAAAAAGWRv08TYRjHuTug0JhAmpqYxuFsoinEXt_73YMBWwqltNdWjv6QmJj78R592-tdeXsHxREHo5ssGhx1UeMgm_wNxuhkdHWQqANhdLKITj7Dd3iSz_Mkn-_kD_3w7dfO5dsXjadPrsYej4Vn_d0eZDY9b9OBeg_1GdPrpgxkWRAzGUuDeBviNbgVwL4fOR699OYLGY8afnOwuuU2Fp2c38m0s72NJSvx_sUBwUXxRloI6qhQ8laU1nYlv9zsqOnP9z69mspGg2qx3hDbdk7Car6sqG65eXOfwKp3FzmOnhIZQCcayLW8nT5dXqdZwIB5eriQhHl6IAkzdKbXc2ADGkXkp0ReZniJThRX1tXSddpBHUjnodnxZujFFva6MKUoDGCEtCAwIktruq1j9Jc6IGhRsUyWk4DMA8WWFZ2FErCAIku6CFiZZ4-IWU7koaRwSloEtmkIvC3zkmFwLLTSpilCiZVFXpcsmWG_E-mJbw-oSJSvlSpBZalaKHaFdrupFuob-diUpSNntzuMoVsm6NAEIJRnzz8yJ9ceLZwSo8rwxy8imm-VAvcML1TkDG6pSN4Y7JHT0G95fSAne9izktu6tE9OY99InjeUtBHu-y_J0T7y4SEZCtyO6-24p2Qi_B8YGT9n4hd4BiS1cqaqrVTW96hCOIQDA5meO_3uvhCjaloufhYzI3_mZGGOQt1ell4eSl0a-BC7ulPFyIRr51QD-a0i3O1XJx9SIwfUv2OH1ES9mink7qxqRxQIkzUtQpZvxSiRFeKhbGDbuuPNjrECBzhufLlWKhWqcyE1M3RWzt0growcE69_fkhpvwEVHYwMsQIAAA**
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
adobe /
Resource Hash
c9a063251f4a5b50cec6ecc4093cfb0e5e7dcc3bde356b1feb7fb8151f06ee26

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-encoding
gzip
x-pt
P=6959 0=1625
access-control-allow-origin
https://imasdk.googleapis.com
x-c
VPS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-h
adserver-ddbbd49cc-lwjnf
x-region
US-East
x-served-by
cache-ewr18122-EWR
x-cache
MISS
pragma
no-cache
server
adobe
x-timer
S1647594753.943767,VS0,VE16
vary
Accept-Encoding, User-Agent
x-failover
none
via
1.1 varnish
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubads_impl_2022031501.js
securepubads.g.doubleclick.net/gpt/ Frame 5920 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 04:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126660
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 08:35:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 04:51:52 GMT
getad
aax-us-east.amazon-adsystem.com/x/ Frame 5920 		50 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
Server
x-amz-rid
QHSN2BHYK08E5ETN1TNB
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Length
50
167.json
id5-sync.com/g/v2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/167.json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.234 , France, ASN16276 (OVH, FR),
Reverse DNS
p36.id5-sync.com
Software
/
Resource Hash
dea2ba6a77f8ae2738e8c8cff00e6ecc93732855f95af7354193ac9b17d3978e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:32 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
id
id.sharedid.org/ 		41 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.19.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-19-115.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
18f22b1609a9bea9628f5196ac4f81379fb24478b4ccc0742066502597ad33e1

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
41
expires
0
rid
match.adsrvr.org/track/ 		108 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=a8r0pns&fmt=json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8aed95a1a114ca3871843957385f60e80ea15863330bd185e60e4ea2b7701a04

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 17 Apr 2022 09:12:32 GMT
sync
eb2.3lift.com/ Frame 700D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
ac8b9182e4a0ac2892625ff41fe832a7a1120e00fd57404ece7a368493c96af5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
text/html; charset=utf-8
content-length
461
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
6f9bf1eb-a85e-4b4b-a87f-218899e3a341
crb.kargo.com/api/v1/initsyncrnd/ Frame 0676 		457 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
7c62797586ed1e43b5b67d8fbbf884ee5d71050f6cd2adcc533dd9a59f23a4c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Mar 2022 09:12:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Content-Length
292
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2173 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32870
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:32 GMT
vary
Accept-Encoding
6f9bf1eb-a85e-4b4b-a87f-218899e3a341
crb.kargo.com/api/v1/initsyncrnd/ Frame ACB5 		227 B
707 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
d6d2373fa2f4e78604f95a017030d7f769e319e0188572013671777764181f66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Mar 2022 09:12:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Content-Length
206
Connection
keep-alive
sync
eb2.3lift.com/ Frame 3ABF 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
ac8b9182e4a0ac2892625ff41fe832a7a1120e00fd57404ece7a368493c96af5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
text/html; charset=utf-8
content-length
461
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
pd
us-u.openx.net/w/1.0/ Frame C85C 		757 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
bb97b3ad1f93170123957b8c5e58640d53e43ffc7ab1671f9a690d324be72cdd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
text/html
content-length
463
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE26 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32870
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:32 GMT
vary
Accept-Encoding
6f9bf1eb-a85e-4b4b-a87f-218899e3a341
crb.kargo.com/api/v1/initsyncrnd/ Frame 5E1F 		336 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=2&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
31eac1d1fef8ad264e09b7a534e901f912b75d4d9810c09d4ddc21e1887990ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Mar 2022 09:12:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Content-Length
283
Connection
keep-alive
6f9bf1eb-a85e-4b4b-a87f-218899e3a341
crb.kargo.com/api/v1/initsyncrnd/ Frame 1C25 		598 B
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=3&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
205f80aebdb7de23baccd9cc37f8c912495744e1f947c73211833925cfa501cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Mar 2022 09:12:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Content-Length
336
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 0300 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 18 Mar 2022 09:12:32 GMT
Content-Length
1388
Connection
keep-alive
6f9bf1eb-a85e-4b4b-a87f-218899e3a341
crb.kargo.com/api/v1/initsyncrnd/ Frame F2A7 		303 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=4&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
df34a9b06a303f71147e56895795131326330566d2c415b6951000fe71067b3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Mar 2022 09:12:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Content-Length
263
Connection
keep-alive
/
de.tynt.com/deb/ Frame 8FAB
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
1f668241ee26dfa2db0c2f5fe5dc4ed6418dba1fd6b4c8ac6267cd5baf548f13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
2173
date
Fri, 18 Mar 2022 09:12:32 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
8340000A
server
33XP004
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
content-length
0
date
Fri, 18 Mar 2022 09:12:32 GMT
sync
eb2.3lift.com/ Frame 9A7D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
c5b7f199b28693cf11badbf75ce324048bb2092222eadca503596875a82068af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

date
Fri, 18 Mar 2022 09:12:32 GMT
content-type
text/html; charset=utf-8
content-length
520
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
ixmatch.html
js-sec.indexww.com/um/ Frame BCA1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 18 Mar 2022 09:12:33 GMT
Content-Length
1388
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame FCEE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 18 Mar 2022 09:12:33 GMT
Content-Length
1388
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F2A3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32869
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:33 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2D8A 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:32 GMT
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 293F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
c5b7f199b28693cf11badbf75ce324048bb2092222eadca503596875a82068af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-type
text/html; charset=utf-8
content-length
520
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6C80 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:33 GMT
Age
10406
X-Served-By
cache-lga13626-LGA, cache-ewr18137-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 11125
X-Timer
S1647594753.079401,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3AD7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:33 GMT
Age
10406
X-Served-By
cache-lga13626-LGA, cache-ewr18158-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10445
X-Timer
S1647594753.078130,VS0,VE0
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame B453 		601 B
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
ff1e8c656466e4a9e8490471e1c94c604d88b3842a0d864410519d4c46c27f3c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:33 GMT
content-type
text/html
content-length
378
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AEAE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32869
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:33 GMT
vary
Accept-Encoding
/
de.tynt.com/deb/ Frame 7B82
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
8e92abae529f4ef5b08c07384c6634ab2cd6c44af55f33397c36bc9798397662

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
2173
date
Fri, 18 Mar 2022 09:12:32 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
8340000A
server
33XP005
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
content-length
0
date
Fri, 18 Mar 2022 09:12:32 GMT
pd
u.openx.net/w/1.0/ Frame DC25 		601 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
ff1e8c656466e4a9e8490471e1c94c604d88b3842a0d864410519d4c46c27f3c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:33 GMT
content-type
text/html
content-length
378
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
de.tynt.com/deb/ Frame E2B8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
8e92abae529f4ef5b08c07384c6634ab2cd6c44af55f33397c36bc9798397662

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
2173
date
Fri, 18 Mar 2022 09:12:32 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
8340000A
server
33XP005
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
content-length
0
date
Fri, 18 Mar 2022 09:12:32 GMT
pd
u.openx.net/w/1.0/ Frame 93D9 		601 B
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
ff1e8c656466e4a9e8490471e1c94c604d88b3842a0d864410519d4c46c27f3c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:33 GMT
content-type
text/html
content-length
378
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
de.tynt.com/deb/ Frame 42D7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
65915660f14f458f00de1f94a3f1d197844330b764576cbe7332975bbcf28360

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
2173
date
Fri, 18 Mar 2022 09:12:32 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
8340000A
server
33XP001
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
content-length
0
date
Fri, 18 Mar 2022 09:12:32 GMT
/
de.tynt.com/deb/ Frame B618
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
13001b93b4dec551b6e75bb5df3ffe8b31659c4527a35ff424f54c8754e9adaa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1756
date
Fri, 18 Mar 2022 09:12:32 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
8340000A
server
33XP004
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
content-length
0
date
Fri, 18 Mar 2022 09:12:32 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 683D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:33 GMT
Age
10406
X-Served-By
cache-lga13626-LGA, cache-ewr18164-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10503
X-Timer
S1647594753.078538,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E063 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 18 Mar 2022 09:12:33 GMT
Content-Length
1388
Connection
keep-alive
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&ssp_uuid=7c645530-439f-430f-be08-f3bda86d545b
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&ssp_uuid=7c645530-439f-430f-be08-f3bda86d545b
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=themediagrid&user_id=d536f042-19b6-42d9-88ca-c1eb8d591069
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=themediagrid&user_id=d536f042-19b6-42d9-88ca-c1eb8d591069
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=themediagrid&user_id=d536f042-19b6-42d9-88ca-c1eb8d591069
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA4YjY5ZjAwOC1hNjliLTExZWMtYWIxZi0wZWUwNTZjM2Y2YzE%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDgRKQ9LCDeLD4QTc3cSBuM&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDgRKQ9LCDeLD4QTc3cSBuM&google_cver=1&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDgRKQ9LCDeLD4QTc3cSBuM&google_cver=1&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDgRKQ9LCDeLD4QTc3cSBuM&google_cver=1&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
date
Fri, 18 Mar 2022 09:12:34 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=f67a371d-f285-4ca2-be6f-f2af79502cb4&_origin=1&gdpr=0&gdpr_consent=
0
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=f67a371d-f285-4ca2-be6f-f2af79502cb4&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=f67a371d-f285-4ca2-be6f-f2af79502cb4&_origin=1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=0&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=0&gdpr=0&gdpr_consent=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=0&gdpr=0&gdpr_consent=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=0&gdpr=0&gdpr_consent=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
date
Fri, 18 Mar 2022 09:12:33 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
esp.js
oa.openxcdn.net/ Frame EA9C 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 09:40:20 GMT
content-encoding
gzip
age
257533
x-guploader-uploadid
ADPycdtB7ppzsE7Kvtw3yaCr8M9mT0RcXU4rd0Ta9KzgOiurCyq9JNG_3Tamn5LlmjBc-UDXw0emzZzMQVOcLlmwyZY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 15 Mar 2023 09:40:20 GMT
googleESP.js
js-sec.casalemedia.com/um/ Frame EA9C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/googleESP.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ce5d3d6ec0557a963ab2bb4df4d2bf46282b75db6493c955b77255a8396630c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 19:23:40 GMT
Server
Apache
ETag
"e20064-9e5-5d8279649fb38"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
1174
pw.js
cdn.includemodal.com/ Frame B464 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5824
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594753.020425,VS0,VE0
date
Fri, 18 Mar 2022 09:12:33 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
57
view
securepubads.g.doubleclick.net/pcs/ Frame B464 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpFf6pHeohCZt7DKysAiV9UZPmQ4I5Est7WIkuVj5hPwIGtoSBKlVg-_wIPE3MkfTBs_6y1GA0an91P4AIZLNWeHUkukFKDenGNgfspgwv0fdfniuzQfXZt3lLnABMNEFBAolXMLIHBy3DmzyQm3-tAACqu4pDQ7H3Va7PYq0nPmyQgQinHsilDJmfpL4vzSEo4OF0bEPEQIsVG_0RseNAhl27iGadwC7hKjNGvOUKwNpTZYJmYjzXRhrWWjPAgbK7Kj3bbwIogKc3EQY_woEBohhQxSIeGuCzGifatCMfFx9s8w6zD8XqSgpe8oxsXdE2xfhEBkXkKE_0t2xTRhValiwM-BKmNvgoWwDsYQ&sig=Cg0ArKJSzKzvJ-8OktDcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B464 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:33 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame B464 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59314
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame B464 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2904122127.Line%20Item%20ID.5787369563
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame B464 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
2
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
WDODUZ9CXcAz6Csd_T-sfCB3BhrtT9HIOVxMYaKQdHbfa4XV7SYRkg==
expires
Fri, 18 Mar 2022 09:17:31 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EA9C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:34 GMT
cookieSync.html
js-sec.casalemedia.com/um/ Frame 2AC6 		130 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/cookieSync.html
Requested by
Host: js-sec.casalemedia.com
URL: https://js-sec.casalemedia.com/um/googleESP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7153244bfcbed22ffba812a6f631894dbed03a60e0748e1e8d3ef495e900fb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Thu, 22 Oct 2020 14:12:07 GMT
ETag
"e200fb-82-5b2430c98a4bb"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
113
Date
Fri, 18 Mar 2022 09:12:33 GMT
Connection
keep-alive
pw.js
cdn.includemodal.com/ Frame 3FD0 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5824
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594753.065313,VS0,VE0
date
Fri, 18 Mar 2022 09:12:33 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
58
view
securepubads.g.doubleclick.net/pcs/ Frame 3FD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDja0pyifb8I8ZHIIg5ru7e-x7WDIWsLW6aAQkx_MxIGzf9uQ42vEEp3rPWJws1J08c4Oov5IUpzTrekTr6lOLqbGVkxA1qGT6I1rk8pqWHcpMq9H7MrX8-VCRx6sngkQBoHYKmW6TvtOJwkV9xDMBtLoBenNBkkhoCSEEWw3dsourbKtJwIm3UYYvn7-XWnotpzfavOqDum8O-nzOCoU_fTP3bttwG_FOePtPKVwmRGfMph-H9r78i2mHlrBzmEOI1MSnCu0bI3RVsj_SuJLk6QW4dl1W4MPD_BZuuhOtNF346tbESDPFviU7TIAt9GEu3KfN-27lrIm_cSkIM4IQCFaPUdS7b6g14IMDb2uD&sig=Cg0ArKJSzAtoE4CdFm8aEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3FD0 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
2b6ae1270bd7f8130702084d1bd442e037be9b606cb030ea1960aaf3ba689e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27853
x-xss-protection
0
server
sffe
etag
"1161 / 617 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:12:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3FD0 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:33 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame 3FD0 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59314
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame 3FD0 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2907386859.Line%20Item%20ID.5802149408
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame 3FD0 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
2
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
CveoaB28QIc1LynPmEitY9gqX5dWC6DWC695b1rWcZYZTD2apX-p0A==
expires
Fri, 18 Mar 2022 09:17:31 GMT
getad
aax-us-east.amazon-adsystem.com/x/ Frame A900 		50 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
Server
x-amz-rid
K4RW3WTT5S11REQ3MDCY
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Length
50
unip
trc-events.taboola.com/1125455/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1125455/log/3/unip?en=pre_d_eng_tb&tos=4910&scd=6&ssd=1&est=1647594748165&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1647594753076&vi=1647594748161&ri=0d6da89cdbde260a68eee94a7d7d4cf1&ui=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&ref=null&cv=20220313-3-RELEASE&item-url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1125455/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
integrator.js
adservice.google.com/adsid/ Frame EA9C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EA9C 		68 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1432210398034083&correlator=1220435805459190&eid=31065691%2C21065724&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_20&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250|300x600&ifi=2&adks=3166535583&sfv=1-0-38&ecs=20220318&ris=1&rcs=1&fsapi=false&prev_scp=abv%3D4.1.93%26adx_channel%3D3%26amznbid%3D1%26amznp%3D1%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26cmp%3Dccpa%26consent%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26gdpr%3D0%26hb_adid%3D168a1a5cd625cdb4%26hb_adid_33across%3D168a1a5cd625cdb4%26hb_bidder%3D33across%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_pb%3D0.04%26hb_pb_33across%3D0.04%26hb_size%3D300x600%26hb_size_33across%3D300x600%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.04%26maxbid_bidder%3D33across%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dmpu_puff_20%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D190%26in2w_key15%3Do0%26in2w_key16%3D12%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--2---%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h52h--qgz%26in2w_key7%3D842%26in2w_key8%3D189%2C190%2C191%26in2w_key9001%3D2&eri=5&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594753164&dlt=1647594752132&idt=222&biw=1600&bih=1200&isw=300&ish=600&adxs=978&adys=4731&oid=2&ucis=lwf0l1mkalwk&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x36&msz=300x18&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594752&ga_hid=1357052886&ga_fc=true&btvi=2&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
10556701793a010ae0ade2556870e0e92176ee5cf324e2d37f3f429a8b73a9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21887
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=MAILONLINE2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1647594748255&de=188198157065&rx=305135542903&m=0&ar=16e2d13da31-clean&iw=f4fab01&q=6&cb=0&cu=1647594748255&ll=2&lm=0&ln=0&em=0&en=0&d=5064879769%3A2904122127%3A5787369563%3A138376929203&cm=12&zMoatPS=mpu_puff_10&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&bo=423397628&bp=21693274347&bd=mpu_puff_10&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=21693274347&dfp=0%2C1&la=21693274347&gw=mailonlineprebidheader526476985912&fd=1&ac=1&it=500&pe=1%3A6335%3A6335%3A0%3A7697&iq=na&tt=na&jm=-1&fs=197504&na=1576776458&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:33 GMT
moatvideo.js
z.moatads.com/mailonlinejsvideo243552997523/ 		317 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonlinejsvideo243552997523/moatvideo.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/videoplayer/6.13.0/scripts/mol-fe-videoplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
be20a59e070868c27c97175e33f4b7bc42128bf2ef2a5102d033cd0ca1c821c6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:18:55 GMT
server
AmazonS3
x-amz-request-id
AZVQCDPN69JH09SY
etag
"cd37cd1f2eb896d9e344b88ad8cb9e84"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=52893
accept-ranges
bytes
content-length
108257
x-amz-id-2
EyxhI0BuywYup21WgehP6Byw2sB2KOsNvBH6UVkxape3FYq3/gbX9ATGgs8ygUEJFyMpYB41YP8=
xuid
eb2.3lift.com/ Frame 700D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 700D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 700D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGre9SJraf9OqbnY6uZ3bzI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGre9SJraf9OqbnY6uZ3bzI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGre9SJraf9OqbnY6uZ3bzI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 700D
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 700D
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2230631680262455077259&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2230631680262455077259&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6c7f6702-b789-4025-bb66-fd8c70d7e428&_noobservation=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6c7f6702-b789-4025-bb66-fd8c70d7e428&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6edcd8ede8cd8ca5-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Fri, 18 Mar 2022 09:12:33 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E40952C5D7E1499B8642AAC2B30F17D6 Ref B: NYCEDGE1721 Ref C: 2022-03-18T09:12:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6c7f6702-b789-4025-bb66-fd8c70d7e428&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXaeowLHjXlU5YSzr/NEg==
xuid
eb2.3lift.com/ Frame 700D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2230631680262455077259?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-FGTezjJE2oSoJs4l1zx1tdZiZWmcZR2HxKkhQCyU5Q--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-FGTezjJE2oSoJs4l1zx1tdZiZWmcZR2HxKkhQCyU5Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-FGTezjJE2oSoJs4l1zx1tdZiZWmcZR2HxKkhQCyU5Q--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 700D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2230631680262455077259&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=7c645530-439f-430f-be08-f3bda86d545b
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=a1aab94b-3281-4bf3-a90c-f31056463a9c&expires=10&ssp=triplelift&bsw_param=7c645530-439f-430f-be08-f3bda86d545b
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7c645530-439f-430f-be08-f3bda86d545b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=7c645530-439f-430f-be08-f3bda86d545b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=7c645530-439f-430f-be08-f3bda86d545b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Mar 2022 09:12:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 700D 		42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2230631680262455077259&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
etag
"eee28e6e5f2ed81:0"
last-modified
Wed, 02 Mar 2022 18:00:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4EB9257DBA65455D93CC225F6289DFB1 Ref B: NYCEDGE1420 Ref C: 2022-03-18T09:12:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 700D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2230631680262455077259
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 700D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NBBTSY27JJ4HK...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=hC9c_JxukxkuB_-lTGAw
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=hC9c_JxukxkuB_-lTGAw
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=hC9c_JxukxkuB_-lTGAw
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
DBM
crb.kargo.com/api/v1/dsync/ Frame 0676
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=kargo_dbm&google_cm&google_sc&google_dbm&gdpr=0&gdpr_consent=&us_privacy=&krgids=45a9c399-4909-4873-b046-5ca04d031e31_4fb1b838-50eb-beb2-fc23-7e189ad55028
  • https://crb.kargo.com/api/v1/dsync/DBM?exid=CAESEL7BR5gTWwb08wG3kpXorBU&gdpr=0&gdpr_consent=&krgids=45a9c399-4909-4873-b046-5ca04d031e31_4fb1b838-50eb-beb2-fc23-7e189ad55028&google_cver=1
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/DBM?exid=CAESEL7BR5gTWwb08wG3kpXorBU&gdpr=0&gdpr_consent=&krgids=45a9c399-4909-4873-b046-5ca04d031e31_4fb1b838-50eb-beb2-fc23-7e189ad55028&google_cver=1
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://crb.kargo.com/api/v1/dsync/DBM?exid=CAESEL7BR5gTWwb08wG3kpXorBU&gdpr=0&gdpr_consent=&krgids=45a9c399-4909-4873-b046-5ca04d031e31_4fb1b838-50eb-beb2-fc23-7e189ad55028&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
400
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv360_cb
crb.kargo.com/api/v1/ Frame 0676
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=kargo_dbm&google_hm=NGZiMWI4MzgtNTBlYi1iZWIyLWZjMjMtN2UxODlhZDU1MDI4&gdpr=0&gdpr_consent=&us_privacy=
  • https://crb.kargo.com/api/v1/dv360_cb?gdpr=0&gdpr_consent=
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dv360_cb?gdpr=0&gdpr_consent=
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://crb.kargo.com/api/v1/dv360_cb?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
259
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ttd
crb.kargo.com/api/v1/sync/ Frame ACB5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=3wvez9v&ttd_tpi=1&ttd_puid=b3b434c0-5c90-4952-ae6b-b5b803f2e585_4fb1b838-50eb-beb2-fc23-7e189ad55028
  • https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=f67a371d-f285-4ca2-be6f-f2af79502cb4&cbid=b3b434c0-5c90-4952-ae6b-b5b803f2e585_4fb1b838-50eb-beb2-fc23-7e189ad55028
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=f67a371d-f285-4ca2-be6f-f2af79502cb4&cbid=b3b434c0-5c90-4952-ae6b-b5b803f2e585_4fb1b838-50eb-beb2-fc23-7e189ad55028
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=0&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=f67a371d-f285-4ca2-be6f-f2af79502cb4&cbid=b3b434c0-5c90-4952-ae6b-b5b803f2e585_4fb1b838-50eb-beb2-fc23-7e189ad55028
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
363
xuid
eb2.3lift.com/ Frame 3ABF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 3ABF
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3ABF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGre9SJraf9OqbnY6uZ3bzI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGre9SJraf9OqbnY6uZ3bzI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGre9SJraf9OqbnY6uZ3bzI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3ABF
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzMDYzMTY4MDI2MjQ1NTA3NzI1OQ%3D%3D
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 3ABF
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2230631680262455077259&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2230631680262455077259&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6c7f6702-b789-4025-bb66-fd8c70d7e428&_noobservation=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6c7f6702-b789-4025-bb66-fd8c70d7e428&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6edcd8ee69318ca5-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Fri, 18 Mar 2022 09:12:33 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: ED6DA02D0BDF4434A23529F1B28F522D Ref B: NYCEDGE1721 Ref C: 2022-03-18T09:12:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6c7f6702-b789-4025-bb66-fd8c70d7e428&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXaeowLx9sikpqKnHhREg==
xuid
eb2.3lift.com/ Frame 3ABF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2230631680262455077259?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-FGTezjJE2oSoJs4l1zx1tdZiZWmcZR2HxKkhQCyU5Q--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-FGTezjJE2oSoJs4l1zx1tdZiZWmcZR2HxKkhQCyU5Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-FGTezjJE2oSoJs4l1zx1tdZiZWmcZR2HxKkhQCyU5Q--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 3ABF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2230631680262455077259&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=7c645530-439f-430f-be08-f3bda86d545b
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=d536f042-19b6-42d9-88ca-c1eb8d591069
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7c645530-439f-430f-be08-f3bda86d545b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=7c645530-439f-430f-be08-f3bda86d545b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=7c645530-439f-430f-be08-f3bda86d545b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Mar 2022 09:12:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 3ABF 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2230631680262455077259&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
etag
"eee28e6e5f2ed81:0"
last-modified
Wed, 02 Mar 2022 18:00:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7BC3C05077A34A608CDB2707B96123B6 Ref B: NYCEDGE1420 Ref C: 2022-03-18T09:12:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 3ABF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2230631680262455077259
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 3ABF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NBBTSY27JJ4HK...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=hC9c_JxukxkuB_-lTGAw
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=hC9c_JxukxkuB_-lTGAw
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=hC9c_JxukxkuB_-lTGAw
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame C85C 		95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=3e3612b0-8c29-4fd7-8cb3-8433579b59be
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame C85C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=168ce2c5-0f44-4819-9575-ddeff3b46cdb
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=168ce2c5-0f44-4819-9575-ddeff3b46cdb&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=168ce2c5-0f44-4819-9575-ddeff3b46cdb&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=168ce2c5-0f44-4819-9575-ddeff3b46cdb&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
date
Fri, 18 Mar 2022 09:12:33 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame C85C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=6d8e1e2a-1a69-4430-992b-9c165d8cf96a
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEE7iQI6yTq8ZAbjKHEomQ88&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEE7iQI6yTq8ZAbjKHEomQ88&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEE7iQI6yTq8ZAbjKHEomQ88&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C85C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6359460436251910749
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6359460436251910749
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0b248e1f-398d-4db5-b3c5-3a4afac5d117
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C85C 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=609e1d31-cb84-c9aa-065c-9e720c245352
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WSAQCKG9MAF9MQSSVPBQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C85C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3142368608644553920&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3142368608644553920&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3142368608644553920&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
bidswitch
event.clientgear.com/gogocookie/ Frame 1C25
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=kargo&redir_url=bada48c5-e4e6-42e9-aade-5845ab91df36_4fb1b838-50eb-beb2-fc23-7e189ad55028&gdpr=0&gdpr_consent=&us_privacy=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=kargo&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=kargo&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=kargo&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-length
0

Redirect headers

location
http://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=kargo&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b
date
Fri, 18 Mar 2022 09:12:33 GMT
content-length
0
4fb1b838-50eb-beb2-fc23-7e189ad55028
crb.kargo.com/api/v1/sync/mediamath/ Frame 5E1F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=65&redir=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2Fmediamath%2F4fb1b838-50eb-beb2-fc23-7e189ad55028%3Frid%3Dce9416bd-d24f-406b-b679-fa2255997ecc%26gd...
  • https://crb.kargo.com/api/v1/sync/mediamath/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=ce9416bd-d24f-406b-b679-fa2255997ecc&gdpr=0&gdpr_consent=&us_privacy=&exid=a41e6234-4cfd-4600-9afd-9c92d96c3201
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/sync/mediamath/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=ce9416bd-d24f-406b-b679-fa2255997ecc&gdpr=0&gdpr_consent=&us_privacy=&exid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=2&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
MT3 4256 109297d master ord-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://crb.kargo.com/api/v1/sync/mediamath/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=ce9416bd-d24f-406b-b679-fa2255997ecc&gdpr=0&gdpr_consent=&us_privacy=&exid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:32 GMT
4fb1b838-50eb-beb2-fc23-7e189ad55028
crb.kargo.com/api/v1/sync/AppNexus/ Frame F2A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FAppNexus%2F4fb1b838-50eb-beb2-fc23-7e189ad55028%3Frid%3D04078b8d-71c7-41cd-9ca6-cb3599e478e7%26gdpr%3D0%26gdpr_consent%3D...
  • https://crb.kargo.com/api/v1/sync/AppNexus/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=04078b8d-71c7-41cd-9ca6-cb3599e478e7&gdpr=0&gdpr_consent=&us_privacy=&exid=6359460436251910749
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/sync/AppNexus/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=04078b8d-71c7-41cd-9ca6-cb3599e478e7&gdpr=0&gdpr_consent=&us_privacy=&exid=6359460436251910749
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsyncrnd/6f9bf1eb-a85e-4b4b-a87f-218899e3a341?seed=dae247a4-fb25-4433-a7b5-d37e69bd1b91&idx=4&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.206.228.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-228.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
177034cc-e518-4f9b-b7ff-c02a9cbe182d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://crb.kargo.com/api/v1/sync/AppNexus/4fb1b838-50eb-beb2-fc23-7e189ad55028?rid=04078b8d-71c7-41cd-9ca6-cb3599e478e7&gdpr=0&gdpr_consent=&us_privacy=&exid=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2D8A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22115
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
xuid
eb2.3lift.com/ Frame 9A7D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3142368608644553920&dongle=d407
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3142368608644553920&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3142368608644553920&dongle=d407
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
ib.adnxs.com/prebid/ Frame 9A7D 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2230631680262455077259
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e7bf4dce-bcd3-4720-a8c6-30b842cd4366
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 9A7D 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2230631680262455077259
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8e5cd39b-82ef-40b8-b55b-ca0c0a57bd05
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 9A7D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAGn007EaJoAAAyap1piaQ&dongle=bzwx
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAGn007EaJoAAAyap1piaQ&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAGn007EaJoAAAyap1piaQ&dongle=bzwx
Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
xuid
eb2.3lift.com/ Frame 9A7D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=8a1de752-a69b-11ec-92c5-fb53764b0872&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=8a1de752-a69b-11ec-92c5-fb53764b0872&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=8a1de752-a69b-11ec-92c5-fb53764b0872&dongle=d54f&gdpr=0&gdpr_consent=
Date
Fri, 18 Mar 2022 09:12:32 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
8bb9bd20-a69b-11ec-a675-a3b4193f939c
xuid
eb2.3lift.com/ Frame 9A7D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&dongle=31ac
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&dongle=31ac
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&dongle=31ac
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
xuid
eb2.3lift.com/ Frame 9A7D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YjRM-gAN66WnSAAy&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=YjRM-gAN66WnSAAy&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647594754.603475,VS0,VE0
x-served-by
cache-ewr18122-EWR
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=YjRM-gAN66WnSAAy&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 9A7D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6359460436251910749&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6359460436251910749&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9043bc72-2999-4985-a0e2-11ec48978380
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6359460436251910749&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 9A7D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-217a4951-fd1f-4cba-70db-7d76eada73b9$ip$96.9.249.42&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-217a4951-fd1f-4cba-70db-7d76eada73b9$ip$96.9.249.42&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-217a4951-fd1f-4cba-70db-7d76eada73b9$ip$96.9.249.42&dongle=4430
Date
Fri, 18 Mar 2022 09:12:33 GMT
Connection
keep-alive
Content-Length
137
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 9A7D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=a41e6234-4cfd-4600-9afd-9c92d96c3201&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=a41e6234-4cfd-4600-9afd-9c92d96c3201&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
MT3 4256 109297d master ord-pixel-x52 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=a41e6234-4cfd-4600-9afd-9c92d96c3201&dongle=3995&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:32 GMT
xuid
eb2.3lift.com/ Frame 293F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3142368608644553920&dongle=d407
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3142368608644553920&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3142368608644553920&dongle=d407
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
ib.adnxs.com/prebid/ Frame 293F 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2230631680262455077259
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
535ec39b-e6b3-4eff-8611-c1d6ef0e3ada
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 293F 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2230631680262455077259
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b5a6761c-4c1d-4891-a5bb-6dc127935f08
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 293F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAGn007EaJoAAAyap1piaQ&dongle=bzwx
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAGn007EaJoAAAyap1piaQ&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAGn007EaJoAAAyap1piaQ&dongle=bzwx
Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
xuid
eb2.3lift.com/ Frame 293F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=8a1de752-a69b-11ec-92c5-fb53764b0872&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=8a1de752-a69b-11ec-92c5-fb53764b0872&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=8a1de752-a69b-11ec-92c5-fb53764b0872&dongle=d54f&gdpr=0&gdpr_consent=
Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
8bbe9f8e-a69b-11ec-bbd0-abe8a0c4b996
xuid
eb2.3lift.com/ Frame 293F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&dongle=31ac
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&dongle=31ac
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&dongle=31ac
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
xuid
eb2.3lift.com/ Frame 293F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YjRM-gAN66WnSAAy&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=YjRM-gAN66WnSAAy&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647594754.605054,VS0,VE0
x-served-by
cache-ewr18122-EWR
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=YjRM-gAN66WnSAAy&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 293F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6359460436251910749&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6359460436251910749&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2cf34fbb-a77d-4566-ba83-9ab96e33ac04
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6359460436251910749&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 293F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-217a4951-fd1f-4cba-70db-7d76eada73b9$ip$96.9.249.42&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-217a4951-fd1f-4cba-70db-7d76eada73b9$ip$96.9.249.42&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-217a4951-fd1f-4cba-70db-7d76eada73b9$ip$96.9.249.42&dongle=4430
Date
Fri, 18 Mar 2022 09:12:33 GMT
Connection
keep-alive
Content-Length
137
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 293F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=a41e6234-4cfd-4600-9afd-9c92d96c3201&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=a41e6234-4cfd-4600-9afd-9c92d96c3201&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
MT3 4256 109297d master ord-pixel-x49 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=a41e6234-4cfd-4600-9afd-9c92d96c3201&dongle=3995&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:32 GMT
84245bd977ad4256a96aaacc72582364
i.liadm.com/s/e/53233/0/ Frame B453
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&_li_chk=true&previous_uuid=c9c1c6ca5b2645bfa8a6841077d29f19
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&previous_uuid=fd41e44e80fb42be8689982c1653d0a3
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID}
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3142368608644553920
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F53233%2F0%2F84245bd977ad4256a96aaacc72582364%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&17d8e2b3-daa7-4519-b51f-4046...
  • https://i.liadm.com/s/e/53233/0/84245bd977ad4256a96aaacc72582364?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/53233/0/84245bd977ad4256a96aaacc72582364?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
HTTP/1.1
Server
54.86.196.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-196-175.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
MT3 4256 109297d master ord-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/53233/0/84245bd977ad4256a96aaacc72582364?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:33 GMT
709996.gif
id.rlcdn.com/ Frame B453 		42 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
dds
rtb.openx.net/sync/ Frame B453
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=5x7rcH6oy34gJlBStw6iCA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
8jfs3qd27drun35f0r8mg0faj79ju2lq

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B453
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
MT3 4256 109297d master ord-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:32 GMT
sd
us-u.openx.net/w/1.0/ Frame B453
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
8bc1fa7c-a69b-11ec-92c5-fb53764b0872
sd
us-u.openx.net/w/1.0/ Frame B453
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=89671269-38eb-49b4-98c8-ecad05168c0c&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
32954844b19c4a61bbb16784d620cace
i.liadm.com/s/e/53233/0/ Frame DC25
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&_li_chk=true&previous_uuid=0b734c2cb89f4a4bb43c0908b8051260
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&previous_uuid=ba1e8c98b0954c7cab9af354fd6414a9
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID}
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3142368608644553920
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F53233%2F0%2F32954844b19c4a61bbb16784d620cace%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&17d8e2b3-daa7-4519-b51f-4046...
  • https://i.liadm.com/s/e/53233/0/32954844b19c4a61bbb16784d620cace?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/53233/0/32954844b19c4a61bbb16784d620cace?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Server
54.86.196.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-196-175.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
MT3 4256 109297d master ord-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/53233/0/32954844b19c4a61bbb16784d620cace?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:33 GMT
709996.gif
id.rlcdn.com/ Frame DC25 		42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
dds
rtb.openx.net/sync/ Frame DC25
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=5x7rcH6oy34gJlBStw6iCA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
rn6va1e8h6je33lhac04p3b8iag8jllo

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DC25
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
MT3 4256 109297d master ord-pixel-x53 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:32 GMT
sd
us-u.openx.net/w/1.0/ Frame DC25
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
8bc3cfdc-a69b-11ec-a675-a3b4193f939c
sd
us-u.openx.net/w/1.0/ Frame DC25
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A900 		0
0
container.html
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 95B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:12:32 GMT
expires
Sat, 18 Mar 2023 09:12:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
d78ea171eb0f42038e2916f1af324498
i.liadm.com/s/e/53233/0/ Frame 93D9
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&_li_chk=true&previous_uuid=17d8e2b3daa74519b51f4046449f3ff3
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=38febdc8-e0f4-4821-84d4-e0e3ee81595d&previous_uuid=287bdf35a74047878b36c51b7c3535a8
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID}
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3142368608644553920
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F53233%2F0%2Fd78ea171eb0f42038e2916f1af324498%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&17d8e2b3-daa7-4519-b51f-4046...
  • https://i.liadm.com/s/e/53233/0/d78ea171eb0f42038e2916f1af324498?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/53233/0/d78ea171eb0f42038e2916f1af324498?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Server
54.86.196.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-196-175.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
MT3 4256 109297d master ord-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/53233/0/d78ea171eb0f42038e2916f1af324498?mpid=7156&muid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:33 GMT
709996.gif
id.rlcdn.com/ Frame 93D9 		42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
dds
rtb.openx.net/sync/ Frame 93D9
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=5x7rcH6oy34gJlBStw6iCA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
mhmfhb0ge16m154j2dhqop137sntkk78

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 93D9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
MT3 4256 109297d master ord-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:32 GMT
sd
us-u.openx.net/w/1.0/ Frame 93D9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=8a1de752-a69b-11ec-92c5-fb53764b0872
Date
Fri, 18 Mar 2022 09:12:32 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
8bc57ce7-a69b-11ec-a989-99eb0930f4ee
sd
us-u.openx.net/w/1.0/ Frame 93D9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
csi
csi.gstatic.com/ Frame 0B82 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l0w7dio8&c=7778057433221&slotId=3889028716610.5&qqid=CL3Pr9-oz_YCFTwMiAkd5XAB7A&gqid=_0w0YtvuNqv_zgW-mZ6ACg&fb=ima_html5-lima&sdkv=h.3.505.0&ppt=videojs&ppv=4.12.15&mrd=6&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44750822%2C44756711%2C44758347%2C44758374&vmfc=1&vhc=0&ccc=8&ccrh=4&ccri=4&ccrs=0&ccru=0&ccrhc=true
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 0B82 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B08FT_0w0Yv3TN7yYoPwP5eGF4A79yMzwRQAAABABIJS1rUM4AVib49uogwRgye6Oi8CkjBCyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAYQBaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS0yMTg3OTk5L1dpbGwtMTQ4bS1FdXJvTWlsbGlvbnMtamFja3BvdC13aW5uZXItc2hhcmUtZm9ydHVuZS1sb25nLWxvc3QtaGFsZi1icm90aGVyLW1ldC5odG1smALoB8ACAuACAOoCNC80MjQzOTc1MDgvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AvLRHpAD4AOYA-ADqAMB4AQB0gUGENLR580UkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=N4Z-C3xY4EA&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.505.0&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0B82 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu37XYjXqCKTErkncqh-btlHgqqMgl_QBM7RKLdeBFW_K3izsYgw62EB-8cwJO0QnnjCtoST55XtqKt629Yfb_QJi9YpZFhtlrfQUeQ84xqb-tPVoQW89bonI5tn_cT4bX6ZNzXNogdHzW-MaOYbpHzRv0yHWHpBrclZbOMw9kCdeTQRKy5KFBAvsrBEHDgBe-Qr4ycCmVg-kwCH80gasKY8jbNNnGIuSsm4w8ptQq_1fQ6tzP0lz6GAEiHXeP-GycIJewjNGhm_nNbOmjNbOK-TvVuFtn7ZDfM-oN0iH4J0PuhvpycolORjmVR2i7j2aQpDM0TIp2hkayfvvb_8IQzdGVnc9bEMdibrZ926m3Z&sig=Cg0ArKJSzFSwUqOMKo3GEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&sdkv=h.3.505.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MzE4ODc4MjYyDDEzODMyOTY0OTU2M0CWBQpBCAISIHByZWJpZC1zZXJ2ZXIucnViaWNvbnByb2plY3QuY29tGg5SdWJpY29uUHJvamVjdCADKgc0MjY1NjQyQDsKiQEIARIWYXNmLXRtLmV2ZXJlc3R0ZWNoLm5ldBoIUGxheVRpbWUgAiopclo4NHVWaUlMb0g5aHZPR0ZYa00udVBLVlc1amZENnJNR045TW5OWFEyFHVQS1ZXNWpmRDZyTUdOOU1uTlhRQJ4BUh0lAABwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
graph
idr.cdnwidget.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idr.cdnwidget.com/graph?cookieID=26YJnTQ3QhagPsmeC7X8vpdNeQa&deviceID=26YJnOUU7Psruh09mrwckHEmpAr&bxdid=326495355294331872&bxvid=1647594751690600&bxwid=4453&gm=false&apikey=2^HIykD&loadID=TokDb5rMkuLDZrI
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
id_sync
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=26YJnOUU7Psruh09mrwckHEmpAr&source=web&agent=cjs&deviceid=326495355294331872&visitid=1647594751690600&websiteid=4453&pageviewid=1&sequenceid=3
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pw.js
cdn.includemodal.com/ Frame D60F 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5825
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594753.497030,VS0,VE0
date
Fri, 18 Mar 2022 09:12:33 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
59
view
securepubads.g.doubleclick.net/pcs/ Frame D60F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufIHSmrP9-AziVDD1Km9ZvPMHOvcEmima00sDSdArx6-_O8HF3D9wz2-wNwKucH9RzYlmN4G0530aD9GhODC-0YeBk2dgYA-qsYrcznt2VpVQvogNenN8bIk3z37rYJffc3U1s8lW--ElJoGFavbH97hNa5oGskksJTxVP_PNYpWRdF9a2rzEiXXj7BVQisaVLLt5z-yKam6aLQ6CAevN7kWeQ-nqUIkwX-U7HU62jeZnJkusdvPkL2IT4h3-OjmuRlPzJGFNVB-snxGd2U6gxwWDlwUtWeU1KTaLad5M-5LKjSPoe-p0GylKKKvFB7EU5My5UEYFyH9H2-Tu3hYI7xFAUrtwB_LmdgSnR0IcVJRB2P4Zw1cn-d52-&sig=Cg0ArKJSzCG8Ypsu2i12EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ttj
secure.adnxs.com/ Frame D60F 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?id=23445757
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e23ea6b3d0b93f3eb3cf7fd23ed1ad3436bceee4f3051bc1ab3dc8afa9318234
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
42d91c36-adac-4e17-ab75-a23640935c2f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D60F 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:33 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame D60F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59314
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame D60F 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5094325174.Campaign%20ID.2940406257.Line%20Item%20ID.5847399795
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame D60F 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
2
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
_ojjzGrOwLYxUF27ZidDpeirHP91vNTfkjg5bb4g32hL9HUgyOtbXQ==
expires
Fri, 18 Mar 2022 09:17:31 GMT
/
crta.dailymail.co.uk/ 		8 B
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.11 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
http-to-kafka/0.8.11
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Fri, 18 Mar 2022 09:12:33 GMT
integrator.js
adservice.google.com/adsid/ Frame 5920 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5920 		49 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3514487170398668&correlator=256005128893451&eid=31065690%2C44752586%2C31063246%2C31065654&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_left&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C350x300&ifi=1&adks=2340058067&sfv=1-0-38&ecs=20220318&fsapi=false&didk=131155549&prev_scp=in2w_key9001%3D1%26abv%3D4.1.93%26adx_channel%3D15%26amznbid%3D1y4n2f4%26amzniid%3DImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ%26amznp%3D1m4mmm8%26amznsz%3D300x250%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26cmp%3Dccpa%26consent%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26gdpr%3D0%26hb_adid%3D2311148ded2804e%26hb_adid_33across%3D232bbed5088872ee%26hb_adid_pubmatic%3D2311148ded2804e%26hb_bidder%3Dpubmatic%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_format_pubmatic%3Dbanner%26hb_pb%3D0.39%26hb_pb_33across%3D0.38%26hb_pb_pubmatic%3D0.39%26hb_size%3D300x250%26hb_size_33across%3D300x250%26hb_size_pubmatic%3D300x250%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_skin_pubmatic%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26hb_source_pubmatic%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.41%26maxbid_bidder%3Dtia%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dmpu_left%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D81%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx842%26in2w_key4%3D--2---%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h33qgz%26in2w_key7%3D842%26in2w_key8%3D81%252C82%252C83%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D15&eri=4&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594753532&dlt=1647594752632&idt=879&biw=1600&bih=1200&isw=350&ish=300&adxs=-42&adys=638&oid=2&ucis=lnhylxz4hm9u&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=350x18&msz=350x0&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594754&ga_hid=2040553901&ga_fc=true&btvi=0&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
eca030f05b377da3312aa5e1effd4af5d89e474b9bee2c722f2993d40028bcf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17665
x-xss-protection
0
google-lineitem-id
5787369563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377414314
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d16c6244c2ad75e061f5544670defd81.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A97 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d16c6244c2ad75e061f5544670defd81.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:12:33 GMT
expires
Sat, 18 Mar 2023 09:12:33 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usermatch
ssum-sec.casalemedia.com/ Frame A4C2 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
510535983f8570daa9e77d7b7cba2c47cefb26ce10143d9184366fd489c4161b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|4|130|152|41|191|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 18 Mar 2022 09:12:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Content-Length
1318
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 8331 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3de2c6892994f7a26c4df903735b6e48c2c111785158ba233f0cffec133227e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|130|88|191|218|31|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 18 Mar 2022 09:12:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Content-Length
1705
Connection
keep-alive
cm
us-u.openx.net/w/1.0/ Frame 6030
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753039.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_priva...
922 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
7033799787acadccc5bb1d0fca1e399d8f32ea796be910fd880d61320aa55128

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:33 GMT
content-type
text/html
content-length
542
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
40000000008200000A
server
33XP002
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
content-length
0
date
Fri, 18 Mar 2022 09:12:33 GMT
match
cms-xch-chicago.33across.com/ Frame 8FAB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1650186753%26external_user_id%3Df67a371d-f285-4ca2-be6f-f2af79502cb4
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 8FAB
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753039.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
316
Expires
Fri, 18 Mar 2022 09:12:33 GMT
match
cms-xch-chicago.33across.com/ Frame 8FAB
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753039.3&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&partner_url=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%...
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
match
cms-xch-chicago.33across.com/ Frame 8FAB
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753039.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privac...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
68 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
66a991e9-ef2f-48d5-99b2-8dc496fa6397
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
cms-xch-chicago.33across.com/ Frame 8FAB
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1647594753039.6
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=2e16e1fe-8e01-4f13-83c0-b9fa680f36b5
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=2e16e1fe-8e01-4f13-83c0-b9fa680f36b5&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=2e16e1fe-8e01-4f13-83c0-b9fa680f36b5&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=a0rT0o88Cr64kKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=2e16e1fe-8e01-4f13-83c0-b9fa680f36b5&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 94C3 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
468f4ba28c56be4a5a5acabe1041afe679c6586a57a0fb3d5ecdd6057e3b8a08

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|88|65|64|31|195|8|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 18 Mar 2022 09:12:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Content-Length
1751
Connection
keep-alive
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 3CC1 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55aeee54a674f6d1c04b3199b0ee816a1cf5678c6ae7c5b7d2838f43ba849a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22984
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 17:21:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:17:52 GMT
match
cms-xch-chicago.33across.com/ Frame E2B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1650186753%26external_user_id%3Df67a371d-f285-4ca2-be6f-f2af79502cb4
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cm
us-u.openx.net/w/1.0/ Frame E0C2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_priva...
1 KB
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
c4625332160446ada2d0abd208dbc1c4b0ea0a8d9368591ce3b0fcb5709fd05f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:33 GMT
content-type
text/html
content-length
757
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
40000000008200000A
server
33XP001
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
content-length
0
date
Fri, 18 Mar 2022 09:12:33 GMT
match
cms-xch-chicago.33across.com/ Frame E2B8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
316
Expires
Fri, 18 Mar 2022 09:12:34 GMT
match
cms-xch-chicago.33across.com/ Frame E2B8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.3&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D
  • https://tags.bluekai.com/site/17724?id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3Db16d1398-dea4-4095-89d1-65023ee...
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26...
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D...
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
cache-control
no-cache
x-server
10.40.43.108
content-length
0
expires
0
match
cms-xch-chicago.33across.com/ Frame E2B8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privac...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ca9a7e54-af47-4b1f-b1bb-06e3386b0071
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
cms-xch-chicago.33across.com/ Frame E2B8
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1647594753065.6
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=04b2df43-63ea-49dd-90da-71467d806d9b
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=04b2df43-63ea-49dd-90da-71467d806d9b&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=04b2df43-63ea-49dd-90da-71467d806d9b&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cSmLMW88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=04b2df43-63ea-49dd-90da-71467d806d9b&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame 3FD0 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=941317
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBBqpA6xzSFY%2BWmDvdlfwSu1fKLzZfhDtbN3WsooDjqXkL%2F0T393ve5d8M2ptYZleIX2zraOHnlZpkKR%2Bl3%2F0YL4YNKc%2BMPW0AP%2FGB5X7QaHy210AmBJcOiDfg6OpIwU7aSHF2dsAJAVndzbxeLZRzmBcA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8eb0f550ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1uswEOgfGAxqAGYxIR
match
cms-xch-chicago.33across.com/ Frame 7B82
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1650186753%26external_user_id%3Df67a371d-f285-4ca2-be6f-f2af79502cb4
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 7B82
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
316
Expires
Fri, 18 Mar 2022 09:12:34 GMT
match
cms-xch-chicago.33across.com/ Frame 7B82
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.3&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D
  • https://tags.bluekai.com/site/17724?id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3Db16d1398-dea4-4095-89d1-65023ee...
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26...
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D...
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
cache-control
no-cache
x-server
10.40.15.135
content-length
0
expires
0
cm
us-u.openx.net/w/1.0/ Frame B270
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_priva...
1 KB
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
c4625332160446ada2d0abd208dbc1c4b0ea0a8d9368591ce3b0fcb5709fd05f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:33 GMT
content-type
text/html
content-length
757
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
40000000008200000A
server
33XP005
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
content-length
0
date
Fri, 18 Mar 2022 09:12:33 GMT
match
cms-xch-chicago.33across.com/ Frame 7B82
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753065.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privac...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c366a722-e54b-494e-9b48-c677c230b518
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
cms-xch-chicago.33across.com/ Frame 7B82
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1647594753065.6
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=3f21dccf-ac40-466c-a5de-d7b2d6275b57
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=3f21dccf-ac40-466c-a5de-d7b2d6275b57&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=3f21dccf-ac40-466c-a5de-d7b2d6275b57&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dU5aOA88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=3f21dccf-ac40-466c-a5de-d7b2d6275b57&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 42D7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1650186753%26external_user_id%3Df67a371d-f285-4ca2-be6f-f2af79502cb4
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1650186753&external_user_id=f67a371d-f285-4ca2-be6f-f2af79502cb4
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cm
us-u.openx.net/w/1.0/ Frame C58C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753067.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_priva...
1 KB
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
c4625332160446ada2d0abd208dbc1c4b0ea0a8d9368591ce3b0fcb5709fd05f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:33 GMT
content-type
text/html
content-length
757
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
40000000008200000A
server
33XP004
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
content-length
0
date
Fri, 18 Mar 2022 09:12:33 GMT
match
cms-xch-chicago.33across.com/ Frame 42D7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753067.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YjRM-vslB2dqu-QqfshUQAAA%26559
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
316
Expires
Fri, 18 Mar 2022 09:12:34 GMT
match
cms-xch-chicago.33across.com/ Frame 42D7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753067.3&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D
  • https://tags.bluekai.com/site/17724?id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3Db16d1398-dea4-4095-89d1-65023ee...
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26...
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D...
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
cache-control
no-cache
x-server
10.40.4.30
content-length
0
expires
0
match
cms-xch-chicago.33across.com/ Frame 42D7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753067.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privac...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0a127c4a-29cd-4bbe-b80c-90b01e150b65
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
cms-xch-chicago.33across.com/ Frame 42D7
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1647594753067.6
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
  • https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dYVe4I88Cr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=66&external_user_id=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DC18 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6e2840bead36b240163706f9e8d26143bd94c61be92443639e185c92c2b1b804

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
90|111|47|176|130|152|40|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 18 Mar 2022 09:12:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Content-Length
1370
Connection
keep-alive
events
api.permutive.com/v2.0/batch/ 		201 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=fc90bebe-df0f-4783-9136-4dadff05fcca
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
58d4785735aef08f0b053f7edd1db728abb1a993e3cbc05c705ef1317248227a

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139
via
1.1 google
async_usersync
ib.adnxs.com/ Frame 3AD7 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
23b2c75f-4ba7-4634-aaa0-4758b5939ba3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 683D 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
37635066-ded2-41d2-bf75-00167b6b7502
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6C80 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
47094f01-af5b-411f-9503-92da53e5a136
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
cms-xch-chicago.33across.com/ Frame B618
Redirect Chain
  • https://p.rfihub.com/cm?pub=35686&in=1&us_privacy=&lexicon_id=gg6e0eaa3fdc68a
  • https://ssc-cms.33across.com/ps/?xi=93&xu=3589912411653720389&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=93&external_user_id=3589912411653720389&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=93&external_user_id=3589912411653720389&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=93&external_user_id=3589912411653720389&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame B618
Redirect Chain
  • https://pixel.advertising.com/ups/58410/sync?gdpr=&gdpr_consent=&redir=true&us_privacy=
  • https://ups.analytics.yahoo.com/ups/58410/sync?gdpr=&gdpr_consent=&redir=true&us_privacy=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
  • https://ssc-cms.33across.com/ps/?xi=108&xu=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
  • https://cms-xch-chicago.33across.com/match?bidder_id=108&external_user_id=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=108&external_user_id=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=108&external_user_id=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame B618
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=the33across&ssp_user_id=&_=1647594753068.3&us_privacy=
  • https://ssc-cms.33across.com/ps/?&xi=112&xu=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=112&external_user_id=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=112&external_user_id=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=112&external_user_id=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame B618
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561516&ev=1&us_privacy=&rurl=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D5%26xu%3D%25%25VGUID%25%25
  • https://ssc-cms.33across.com/ps/?xi=5&xu=QKodMwjjXFVx&ev=1&us_privacy=&pid=561516
  • https://cms-xch-chicago.33across.com/match?bidder_id=5&external_user_id=QKodMwjjXFVx&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=5&external_user_id=QKodMwjjXFVx&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=5&external_user_id=QKodMwjjXFVx&ts=1647594754&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame B618
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1647594753068.5&ri=85&ru=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%2F33across%3Fus_privacy%3D
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy=
  • https://cms-xch.33across.com/match?bidder_id=85&external_user_id=AAGn007EaJoAAAyap1piaQ
  • https://cms-xch-chicago.33across.com/match?bidder_id=85&external_user_id=AAGn007EaJoAAAyap1piaQ
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=85&external_user_id=AAGn007EaJoAAAyap1piaQ
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?bidder_id=85&external_user_id=AAGn007EaJoAAAyap1piaQ
date
Fri, 18 Mar 2022 09:12:34 GMT
server
awselb/2.0
content-length
134
content-type
text/html
/
p.adsymptotic.com/d/px/ Frame B618
Redirect Chain
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&_rand=1647594753068.6
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&_rand=1647594753068.6&_expected_cookie=9f05f3184f4bef023f06...
43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&_rand=1647594753068.6&_expected_cookie=9f05f3184f4bef023f0673c69dddc0f5
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6edcd8ed08038ca5-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&_rand=1647594753068.6&_expected_cookie=9f05f3184f4bef023f0673c69dddc0f5
date
Fri, 18 Mar 2022 09:12:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6edcd8eb8ec98ca5-EWR
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
6359460436251910749
map.go.affec.tv/map/an/ Frame B618
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&ts=1647594753068.7
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62344d01da342e000130b18e%26chc%3Dtt%26floc%3D%26redirect_url%3D
  • https://map.go.affec.tv/map/an/6359460436251910749?ch=62344d01da342e000130b18e&chc=tt&floc=&redirect_url=
0
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/an/6359460436251910749?ch=62344d01da342e000130b18e&chc=tt&floc=&redirect_url=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
13.225.214.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-37.ewr50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 94ac78512342d473815908b66b16cd7c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
content-encoding
gzip
x-amz-cf-id
ckXU6hGiNpKFF-fen2ziLUuhzJBo4XOBcAMMDAfbJhjVRHhb8OfEGg==
vary
Accept-Encoding
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
afbd89c6-7cd7-4178-ae2d-5e0c18a54646
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://map.go.affec.tv/map/an/6359460436251910749?ch=62344d01da342e000130b18e&chc=tt&floc=&redirect_url=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame B618
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&random=1647594753068.8&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fap...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=af231e30-3711-4eea-abed-7905c7506b1d%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttd_puid=af231e30-3711-4eea-abed-7905c7506b1d%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fu...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=OuX9gXEj&partner_url=https://beacon.krxd.net/usermatch.gif?partner%3Dtapad%26partner_uid%3D$%7BTA_DEVICE_ID%7D
  • https://beacon.krxd.net/usermatch.gif?partner=tapad&partner_uid=af231e30-3711-4eea-abed-7905c7506b1d
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=tapad&partner_uid=af231e30-3711-4eea-abed-7905c7506b1d
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Server
3.217.244.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-244-219.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1647594754
x-served-by
beacon-n037-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=tapad&partner_uid=af231e30-3711-4eea-abed-7905c7506b1d
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mapuid
secure.adnxs.com/ Frame B618
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=E7CnJ2I0TP7mznu1HSJN%2Bg%3D%3D&us_privacy=&random=1647594753068.9
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=119024359231037&seg_code=33x&random=1647594753
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=119024359231037&seg_code=33x&random=1647594753
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Protocol
HTTP/1.1
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=acKPZE88Gr64fWaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6903c5ed-9a96-4894-bfd8-ffba08bb312a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
402044000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=119024359231037&seg_code=33x&random=1647594753
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cm_:onejs_load_evt@v=294,onejs_exec_time@v=1,aax_load_time@v=901,aax_load_time_one_tag@v=901,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame 5920 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=294,onejs_exec_time@v=1,aax_load_time@v=901,aax_load_time_one_tag@v=901,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=a4bd4136-1528-4502-aa86-5b39d6db01c8&session=04ec6b10-e6b3-4335-a9b6-4401755d2d9b
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:33 GMT
x-amzn-RequestId
b664a4a8-070a-4641-83ee-5490faec04eb
Content-Type
text/plain
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame B464 		0
0
pixel.gif
px.moatads.com/ Frame B464 		0
0
truncated
/ Frame B464 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e215da861b8512e170e596f81368ad67584305991c78917d90a2692e7ec6ac8e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame B464 		0
0
container.html
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA57 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:12:32 GMT
expires
Sat, 18 Mar 2023 09:12:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
px.moatads.com/ Frame 3FD0 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A21693274104%3A-&de=559564411225&t=1647594753921&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5064879769%26moatClientLevel2%3D2907386859%26moatClientLevel3%3D5802149408%26moatClientLevel4%3D138365786354%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D21693274104%26zMoatPS%3Dsky_right_top%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=364499746&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:33 GMT
truncated
/ Frame 3FD0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
356f3a46abc744795644091d4fcf2ff3c46eeefc62ccbcd75f9c7154ffc23d6b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
2fb8a08e-eeb5-4912-b953-4a6c082ce510
https://www.dailymail.co.uk/ Frame 3FD0 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/2fb8a08e-eeb5-4912-b953-4a6c082ce510
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
cookieSync.html
js-sec.casalemedia.com/um/ Frame 1ADC 		130 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/cookieSync.html
Requested by
Host: js-sec.casalemedia.com
URL: https://js-sec.casalemedia.com/um/googleESP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7153244bfcbed22ffba812a6f631894dbed03a60e0748e1e8d3ef495e900fb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Thu, 22 Oct 2020 14:12:07 GMT
ETag
"e200fb-82-5b2430c98a4bb"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
113
Date
Fri, 18 Mar 2022 09:12:34 GMT
Connection
keep-alive
YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A4C2 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:12e1:5652:a2dc:bd68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame A4C2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6359460436251910749
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6359460436251910749
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d3ea1d46-dcdb-41ac-82bc-e987fd707c7e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A4C2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3142368608644553920
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3142368608644553920
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3142368608644553920
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A4C2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame A4C2
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e468e9d9-3ce8-4049-a488-bad121e9075d
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e468e9d9-3ce8-4049-a488-bad121e9075d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e468e9d9-3ce8-4049-a488-bad121e9075d
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A4C2
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=8af7dc84-a69b-11ec-9692-13cc52d00862
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=8af7dc84-a69b-11ec-9692-13cc52d00862
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=8af7dc84-a69b-11ec-9692-13cc52d00862
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-6
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum.casalemedia.com/ Frame A4C2
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fded1f0-ea7c-a79b-7689d01c
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fded1f0-ea7c-a79b-7689d01c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fded1f0-ea7c-a79b-7689d01c
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
119
rum
dsum-sec.casalemedia.com/ Frame A4C2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=-mq_kvg76sPhbLuU_Dqhl_o8tJDhb-mXqW5DhYax
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=-mq_kvg76sPhbLuU_Dqhl_o8tJDhb-mXqW5DhYax
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=-mq_kvg76sPhbLuU_Dqhl_o8tJDhb-mXqW5DhYax
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A4C2 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YjRM-vslB2dqu-QqfshUQAAA%26559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2921
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 10:01:15 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 95B6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js
Requested by
Host: 8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
URL: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:52:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 07:52:19 GMT
css
fonts.googleapis.com/ Frame 95B6 		8 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
URL: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 07:35:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:34 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 95B6 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css
Requested by
Host: 8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
URL: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 01:18:05 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 95B6 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Requested by
Host: 8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
URL: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125995
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 01:18:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 95B6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
URL: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 08:07:31 GMT
l
www.google.com/ads/measurement/ Frame 95B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQl8gYVcvTJC3DqGiA8ZVgU3_yXulQXA-4B9-Xc_HxRgPB1TgJQcMp8yO4fXuKA3eKwj2daJOL9e0BtC7va2yFCnS4nXg
Requested by
Host: 8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
URL: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame 3FD0 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 23:40:24 GMT
getad
aax-us-east.amazon-adsystem.com/x/ Frame 3FD0 		50 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Server
x-amz-rid
P3PK8KSZSDCF6TV0TZ9D
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Length
50
crum
dsum-sec.casalemedia.com/ Frame 8331
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6359460436251910749
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6359460436251910749
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ac1da69e-d27c-4419-8d22-75f112ebe911
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8331 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:12e1:5652:a2dc:bd68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 8331
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 8331
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjRM-gAN66WnSAAy
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjRM-gAN66WnSAAy
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647594754.316260,VS0,VE0
x-served-by
cache-ewr18122-EWR
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjRM-gAN66WnSAAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum.casalemedia.com/ Frame 8331
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fded1f0-ea7c-a79b-7689d01c
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fded1f0-ea7c-a79b-7689d01c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fded1f0-ea7c-a79b-7689d01c
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
119
demconf.jpg
dpm.demdex.net/ Frame 8331
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YjRM-vslB2dqu-QqfshUQAAA%26559?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YjRM-vslB2dqu-QqfshUQAAA%26559
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YjRM-vslB2dqu-QqfshUQAAA%26559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
3.217.99.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-99-187.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-005a4f130.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3i7oDPD7RRY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v030-005a4f130.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
TkjHTdf7Q68=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YjRM-vslB2dqu-QqfshUQAAA%26559
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 8331
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7008811521702904394P
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7008811521702904394P
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7008811521702904394P
Cache-Control
max-age=66400
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame 8331
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e22040751a4c367fd91b8&expiration=[EXPIRATION]
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e22040751a4c367fd91b8&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e22040751a4c367fd91b8&expiration=[EXPIRATION]
Date
Fri, 18 Mar 2022 09:12:34 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8331 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YjRM-vslB2dqu-QqfshUQAAA%26559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2921
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 10:01:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCF3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bo5qy_0w0YvuJMsugMOf9k_gIAAAAADgB4AQC&bg=!2dql2p7NAAba2mK92to7ACkAdvg8WsvwPpQ0CnNvQWN5lfY1WrjYUqzyQwtnucJlLmKgfTqCadC9egIAAAVPUgAAAANoAQeZAzW0clhetcJOvPKvwSUvUVZgdySLyi14ZVaiB6K6KEXY8dhKm4SYkeNAAWPSx6AvTK60PMSnuzq0_X3hQQuVv41wYxosbOEz0dexzCnQrS5b7eneCHgaZz_tIiqCIFXNLaT0FqCMiHPtoDpxhH0vKB9eBzijMuLehiUPzASak3REKPqaqLb0jbBYLy_Kp9JD4NesGAuHcourYa4dh8A_lVHynbXUvNnkuQFXRgv8kzSln_yA0niscegU8XOg7Q-bOCfKLaLhMd0R9JMLdWJKa4PEFFUbMi0LN59l7TfxZ5B3WH7B12qifhOxbMBgG3HyCiXC09KBvoteI4mwjWbGiCrOfAF39hBof3Sa2K9hE8DHKhXqTalT1oZXV9EV3sx0cQNNzfPX0-94PyL2diW2UKSWpAQuR5yY_nqZN6PZEe9ASGPcrvZntcX9nd8jeUGYeb209eyB5fyHaxZLx7FQrZiOSk7CmvqzuClHQA_3eZqgO8TxlGCcvv0RdHuFEvGGI1lhILf3bFKKVi3G_KSs4MWjZWqWoArCV64tQeeqxu2M1FW0yv6HFlRLS10kzV1-DbkA5mvcjOAi8X3Y787nBzhlBkCXB8SYUW6KBIJwHcpPHhWtBCAFLFztDoBqAIXe3Qv44j6Y1t97SaFb5lgKXnyOYrl0sb7MGo16V1d7aiIOyrxeVGXiDCNOL0C-lFE4nttdfEfHpjhAK6DSQg7zf6IC1_TRxJTa303McRHx2lA6Icg7KExyI0A372NNgvna7fNkFIo4jesXSZj_J7kB6Jn6xu_BD49s7HQyNTlUKZHpdxyNln3nFrf0KYd4yRS3cvmI-BcmJL94YE_NELib0Cy2yySELmwbs4hwAa7WDOsqAtMap7mWdfJK6HWJvbtzp8l6q5ayhPjDMLdB-4ZYByJFQJW8Jq_z_AKjRmqoi6Mth4vt-lrVErKVYkjy5twtKZdViYWEveTldJzDTwHtgeLblbxk5cRo0xlQyD8OTihTEujRq6UhdwTmNmHsZNOWTGqZ11SUI7xoor8BO6J6fWncgeeOY3RIJUQjX5sguoBPQEvml__RkX51ei-iQvmFxrfdo8rnBw
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 94C3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:12e1:5652:a2dc:bd68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
date
Fri, 18 Mar 2022 09:12:34 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 94C3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjRM-gAN66WnSAAy
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjRM-gAN66WnSAAy
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647594754.143504,VS0,VE0
x-served-by
cache-ewr18122-EWR
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjRM-gAN66WnSAAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame 94C3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=1bea018ae8ac1219&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGbrSlsxWJ0gMvTjCIAAAAAAA&expiration=1647681154&is_secure=true
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGbrSlsxWJ0gMvTjCIAAAAAAA&expiration=1647681154&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGbrSlsxWJ0gMvTjCIAAAAAAA&expiration=1647681154&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 94C3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&expiration=1650186754
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&expiration=1650186754
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&expiration=1650186754
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 94C3
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7008811521702904394P
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7008811521702904394P
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7008811521702904394P
Cache-Control
max-age=66400
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame 94C3
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b376d75e-e1a2-4ad3-ad30-8eb7bbf90472
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b376d75e-e1a2-4ad3-ad30-8eb7bbf90472
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b376d75e-e1a2-4ad3-ad30-8eb7bbf90472
date
Fri, 18 Mar 2022 09:12:34 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 94C3
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&expiration=1679130754
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&expiration=1679130754
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&expiration=1679130754
date
Fri, 18 Mar 2022 09:12:34 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 94C3
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
Date
Fri, 18 Mar 2022 09:12:34 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 94C3 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YjRM-vslB2dqu-QqfshUQAAA%26559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2921
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 10:01:15 GMT
match
cms-xch-chicago.33across.com/ Frame 6030 		68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=4e236d22-09a5-42bf-aa65-13356e430aed
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 6030
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGn007EaJoAAAyap1piaQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_syn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAGn007EaJoAAAyap1piaQ&pid=558502&do=add
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGn007EaJoAAAyap1piaQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGn007EaJoAAAyap1piaQ
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGn007EaJoAAAyap1piaQ
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cksync.php
contextual.media.net/ Frame 6030 		45 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=f06408d3-7c2e-48b0-a51d-628bd6f80a6e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 18 Mar 2022 09:12:34 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 18 Mar 2022 09:12:34 GMT
sd
us-u.openx.net/w/1.0/ Frame 6030
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B342_ECEB475D_E7E4EC2A
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B342_ECEB475D_E7E4EC2A
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B342_ECEB475D_E7E4EC2A
Date
Fri, 18 Mar 2022 09:12:34 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
194
Strict-Transport-Security
max-age=-330581554; includeSubDomains
Content-Type
text/html; charset=utf-8
sync
s.cpx.to/ Frame 6030 		95 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=78754d5f-eb86-4e5f-a4c4-e44965808730&dsp=OPENX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-48-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 18 Mar 2022 09:12:34 UTC
sd
us-u.openx.net/w/1.0/ Frame 6030
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=mXDI4agD1Nv8EU5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=mXDI4agD1Nv8EU5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-02da2fc23fed09ba1@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=mXDI4agD1Nv8EU5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6030
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6486416200911656969
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6486416200911656969
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6486416200911656969
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 6030
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wkG9j8AQ6N7ZR7mJxBGjisIXto3ZROuKkUVyOzu_
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wkG9j8AQ6N7ZR7mJxBGjisIXto3ZROuKkUVyOzu_
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wkG9j8AQ6N7ZR7mJxBGjisIXto3ZROuKkUVyOzu_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6030
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=2e857ad4444f48ce945e6ca5f0e5d9c1&ssp=openx&bsw_param=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&consent=&gdpr_pd=&expires=7
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=
Date
Fri, 18 Mar 2022 09:12:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 6030
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=3589912411653720389
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=3589912411653720389
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=3589912411653720389
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 6030
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=5036F47B1E164C5B8C56BBC185A6E0FD
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5036F47B1E164C5B8C56BBC185A6E0FD
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:34 GMT
x-content-type-options
nosniff
server
openresty
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5036F47B1E164C5B8C56BBC185A6E0FD
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Mar 2022 09:12:34 GMT
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame D60F 		0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=884777
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOWq50B9i3Hxa4jNt85WrT1Sgkt6RaXL%2BSd9ZVYCVhsc1cNLblGJ1Q6kXSkGU7adMpwHFK4E1xKFly32vmQKZmxOy65Qd3Dom4XoIS9m0OGe6VWe1r53YhsO3%2BHElKITIRURbL7riC7nUp5u0gd4jnb1ew%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8ed899d0ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1usxjk3Bh0eFEIadYx
esp.js
oa.openxcdn.net/ Frame 5920 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 09:40:20 GMT
content-encoding
gzip
age
257534
x-guploader-uploadid
ADPycdtB7ppzsE7Kvtw3yaCr8M9mT0RcXU4rd0Ta9KzgOiurCyq9JNG_3Tamn5LlmjBc-UDXw0emzZzMQVOcLlmwyZY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 15 Mar 2023 09:40:20 GMT
googleESP.js
js-sec.casalemedia.com/um/ Frame 5920 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/googleESP.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ce5d3d6ec0557a963ab2bb4df4d2bf46282b75db6493c955b77255a8396630c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 19:23:40 GMT
Server
Apache
ETag
"e20064-9e5-5d8279649fb38"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
1174
pw.js
cdn.includemodal.com/ Frame 9755 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5825
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594754.187478,VS0,VE0
date
Fri, 18 Mar 2022 09:12:34 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
60
view
securepubads.g.doubleclick.net/pcs/ Frame 9755 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSGVtc3psdxrru5IllYHeZtT8_aT0TQ0K5Rey64DXwCm5dqkNlKREPYlAgqNccoZumiFv8cQrewMr6NRPLq7qJdR2GsvgzIVJju8JxxbKcMdAzZOW--xxmwpXivp7yfEKygYaiClsmnFTX0kIQAElH5MW6-TbaR9rqDr7Vp18MsoYnVVzhD2k_PNp7EyPYpy84APTmPpdyO3kxg8Wj9Z3wj-R6M56B8QLHAyP05H6_kJMIT9krWzx-456TEcHRZZ_W_aIsGBykeJw1yC6YZVOjwKblmYH9nIKBIrqwnIVEo_H8UL1NXhupwSu1kE1xGhSF4FXkNuYebOCXErZ6-wVun4VDFyV-ggNfrA&sig=Cg0ArKJSzObPmhCjATtNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9755 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:34 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame 9755 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59313
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame 9755 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2904122127.Line%20Item%20ID.5787369563
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame 9755 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
3
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
dqRUXwxXyLLPSR2ADYW_987_LB8AvkUHu12oCrvF0Dh9h2dIBIHyQg==
expires
Fri, 18 Mar 2022 09:17:31 GMT
crum
dsum-sec.casalemedia.com/ Frame DC18
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5036F47B1E164C5B8C56BBC185A6E0FD
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5036F47B1E164C5B8C56BBC185A6E0FD
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:34 GMT
x-content-type-options
nosniff
server
openresty
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5036F47B1E164C5B8C56BBC185A6E0FD
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Mar 2022 09:12:34 GMT
crum
dsum-sec.casalemedia.com/ Frame DC18
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6486416200911656969&expiration=1648804354
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6486416200911656969&expiration=1648804354
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6486416200911656969&expiration=1648804354
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame DC18
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=mXDI4agD1Nv8EU5
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=mXDI4agD1Nv8EU5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:33 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0dbcefd936de3bf58@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=mXDI4agD1Nv8EU5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame DC18
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_174ff51fcf874097873f0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_174ff51fcf874097873f0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_174ff51fcf874097873f0
date
Fri, 18 Mar 2022 09:12:34 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame DC18
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGn007EaJoAAAyap1piaQ&expiration=1648804354
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame DC18
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=43725741-ff02-4e85-a98c-5a33d68f862f
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=43725741-ff02-4e85-a98c-5a33d68f862f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=43725741-ff02-4e85-a98c-5a33d68f862f
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DC18
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4fded1f0-ea7c-a79b-7689d01c
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4fded1f0-ea7c-a79b-7689d01c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4fded1f0-ea7c-a79b-7689d01c
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
146
htw-pixel.gif
js-sec.indexww.com/ht/ Frame DC18 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YjRM-vslB2dqu-QqfshUQAAA%26559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2921
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 10:01:15 GMT
match
cms-xch-chicago.33across.com/ Frame E0C2 		68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=4e236d22-09a5-42bf-aa65-13356e430aed
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png
merge
ce.lijit.com/ Frame E0C2 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=54a6bf8c-3d9a-485d-81ee-aa431ca6a7e0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E0C2
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=46a82cf1-7ba9-444a-9c9c-f678d4b3a0b5&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
sd
us-u.openx.net/w/1.0/ Frame E0C2
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_87d0e3b1-52c2-4ffc-aa8b-a11e37fc35b5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_87d0e3b1-52c2-4ffc-aa8b-a11e37fc35b5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_87d0e3b1-52c2-4ffc-aa8b-a11e37fc35b5
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
openx
tr.blismedia.com/v1/api/sync/ Frame E0C2 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame E0C2
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=5874dc9def68121b&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbrSlsxWJ0wMP92sHAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbrSlsxWJ0wMP92sHAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbrSlsxWJ0wMP92sHAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame E0C2
Redirect Chain
  • https://px.owneriq.net/eox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
Cache-Control
max-age=14490
Connection
keep-alive
Content-Type
text/html
Content-Length
154
CookieSyncOpenX
rtb.adentifi.com/ Frame E0C2 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.54.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-length
0
content-type
text/plain
/
csync.loopme.me/ Frame E0C2 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=dde94d1c-71fe-46d5-9b59-1795d4b00080&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.88.75.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.75.88.23.clients.your-server.de
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame E0C2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=317310f1-4251-4bce-b109-a20296c9608e
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
3041
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6edcd8efed2bd157-BUF
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
sync.targeting.unrulymedia.com/csync/ Frame E0C2
Redirect Chain
  • https://sync.1rx.io/usersync/openx/ab7e712e-ac9b-403b-96bf-450dc2afd4ce
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
match
cms-xch-chicago.33across.com/ Frame B270 		68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=4e236d22-09a5-42bf-aa65-13356e430aed
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png
merge
ce.lijit.com/ Frame B270 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=54a6bf8c-3d9a-485d-81ee-aa431ca6a7e0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B270
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=46a82cf1-7ba9-444a-9c9c-f678d4b3a0b5&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
sd
us-u.openx.net/w/1.0/ Frame B270
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_e70d3760-4b08-46f4-834f-65339a453d07
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_e70d3760-4b08-46f4-834f-65339a453d07
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_e70d3760-4b08-46f4-834f-65339a453d07
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
openx
tr.blismedia.com/v1/api/sync/ Frame B270 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame B270
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=301996b79947121b&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbf6_kKU1JAM9XMDvAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbf6_kKU1JAM9XMDvAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbf6_kKU1JAM9XMDvAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame B270
Redirect Chain
  • https://px.owneriq.net/eox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
Cache-Control
max-age=14490
Connection
keep-alive
Content-Type
text/html
Content-Length
154
CookieSyncOpenX
rtb.adentifi.com/ Frame B270 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.54.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-length
0
content-type
text/plain
/
csync.loopme.me/ Frame B270 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=dde94d1c-71fe-46d5-9b59-1795d4b00080&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.88.75.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.75.88.23.clients.your-server.de
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame B270
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=317310f1-4251-4bce-b109-a20296c9608e
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
23770
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6edcd8f08decd157-BUF
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
sync.targeting.unrulymedia.com/csync/ Frame B270
Redirect Chain
  • https://sync.1rx.io/usersync/openx/ab7e712e-ac9b-403b-96bf-450dc2afd4ce
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
match
cms-xch-chicago.33across.com/ Frame C58C 		68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=4e236d22-09a5-42bf-aa65-13356e430aed
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png
merge
ce.lijit.com/ Frame C58C 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=54a6bf8c-3d9a-485d-81ee-aa431ca6a7e0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C58C
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=46a82cf1-7ba9-444a-9c9c-f678d4b3a0b5&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=656893234070
sd
us-u.openx.net/w/1.0/ Frame C58C
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_ac30a96d-446b-4335-8d96-04fb42ed3a51
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_ac30a96d-446b-4335-8d96-04fb42ed3a51
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_ac30a96d-446b-4335-8d96-04fb42ed3a51
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
openx
tr.blismedia.com/v1/api/sync/ Frame C58C 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame C58C
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=cb086d1bbae1219&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbrSlsxWJ1QM3UEelAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbrSlsxWJ1QM3UEelAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAGbrSlsxWJ1QM3UEelAAAAAAA&expiration=1647681154&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame C58C
Redirect Chain
  • https://px.owneriq.net/eox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7008811521702904394P
Cache-Control
max-age=14490
Connection
keep-alive
Content-Type
text/html
Content-Length
154
CookieSyncOpenX
rtb.adentifi.com/ Frame C58C 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.54.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-length
0
content-type
text/plain
/
csync.loopme.me/ Frame C58C 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=dde94d1c-71fe-46d5-9b59-1795d4b00080&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.88.75.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.75.88.23.clients.your-server.de
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame C58C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=317310f1-4251-4bce-b109-a20296c9608e
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
2832
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6edcd8f0ae0bd157-BUF
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662290397426830
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
sync.targeting.unrulymedia.com/csync/ Frame C58C
Redirect Chain
  • https://sync.1rx.io/usersync/openx/ab7e712e-ac9b-403b-96bf-450dc2afd4ce
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=MAILONLINEJSVIDEO1&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&cm=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1647594754246&de=369927196513&m=0&ar=359f21c1e97-clean&iw=2cedb00&q=11&cb=0&ym=0&cu=1647594754246&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=-%3A-%3A5531887826%3A138329649563&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&gw=mailonlinejsvideo243552997523&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A6335%3A6335%3A0%3A7697&fs=197273&na=706714587&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:34 GMT
sync
gum.criteo.com/ Frame D60F 		78 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=23445757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
1d1a51e47584de83f3aab0361ed2ca694d4a7b615088a51c2bc98f93d7b6cf91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2282
strict-transport-security
max-age=31536000; preload;
content-length
200
expires
60
ttj
secure.adnxs.com/ Frame D60F 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?ttjb=1&bdc=1647594753&bdh=HnvGallzzP_e8MEOBzVgyul9beQ.&&bdref=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html,https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&&id=23445757
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=23445757
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a767e92a66fc330f8225a5d0e4afaba09c71bc71ecdcd111426cd303d8e48d74
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Content-Encoding
gzip
X-Creative-ID
346268811
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5033e57c-c7db-4882-94eb-fa7d983c7811
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
b5a444ca-bd19-4317-9f49-c843adac395b
https://www.dailymail.co.uk/ Frame D60F 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/b5a444ca-bd19-4317-9f49-c843adac395b
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
SPug
simage4.pubmatic.com/AdServer/ Frame 9768 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
integrator.js
adservice.google.com/adsid/ Frame 5920 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5920 		49 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3514487170398668&correlator=256005128893451&eid=31065690%2C44752586%2C31063246%2C31065654&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_left&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250|350x300&ifi=2&adks=2340058067&sfv=1-0-38&ecs=20220318&ris=1&rcs=1&fsapi=false&didk=131155549&prev_scp=abv%3D4.1.93%26adx_channel%3D15%26amznbid%3D1y4n2f4%26amzniid%3DImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ%26amznp%3D1m4mmm8%26amznsz%3D300x250%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26cmp%3Dccpa%26consent%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26gdpr%3D0%26hb_adid%3D2311148ded2804e%26hb_adid_33across%3D232bbed5088872ee%26hb_adid_pubmatic%3D2311148ded2804e%26hb_bidder%3Dpubmatic%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_format_pubmatic%3Dbanner%26hb_pb%3D0.39%26hb_pb_33across%3D0.38%26hb_pb_pubmatic%3D0.39%26hb_size%3D300x250%26hb_size_33across%3D300x250%26hb_size_pubmatic%3D300x250%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_skin_pubmatic%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26hb_source_pubmatic%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.41%26maxbid_bidder%3Dtia%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dmpu_left%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D82%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D6%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx842%26in2w_key4%3D--2-33%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h33qgz%26in2w_key7%3D842%26in2w_key8%3D81%2C82%2C83%26in2w_key9001%3D2&eri=5&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594754355&dlt=1647594752632&idt=879&biw=1600&bih=1200&isw=350&ish=300&adxs=-42&adys=638&oid=2&ucis=lnhylxz4hm9u&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=350x36&msz=350x18&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594754&ga_hid=2040553901&ga_fc=true&btvi=0&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e0a465b6bbd50e76310a736d891413c62815e172f8f0e0fc9793a159844bcb2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17647
x-xss-protection
0
google-lineitem-id
5787369563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376929197
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame A426
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailymail.co.uk%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.247.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-247-233.compute-1.amazonaws.com
Software
/
Resource Hash
524ed06eeb5841f5e3c28444b36bde20e057db0435c040a21aa57f34de23e00e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 18 Mar 2022 09:12:34 GMT
pragma
no-cache

Redirect headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame BA57 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 07:52:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 07:52:19 GMT
css
fonts.googleapis.com/ Frame BA57 		8 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 07:28:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:34 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame BA57 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 01:18:05 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame BA57 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125995
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 01:18:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame BA57 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 08:07:31 GMT
l
www.google.com/ads/measurement/ Frame BA57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQt1-J0P8S50OlTzSsg1xhMIUq2WrZAW2oggFsCyH34SjhCL3E2LJ5EtWmI1TmhaRRiY6fMg3qAfHEJ9v6zq-oOpY_IOw
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
vpaidjsproxy-20201012.js
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame 3CC1 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/ad_plugins/release/vpaidjsproxy-20201012.js?feedURL=https%3A%2F%2Fas-tm.everesttech.net%2Ffeed%2Fplacement.js%3Fid%3DbtXxJqnWClDtkAjBpZEd%26tm_auction_id%3D253e6929850fcb43f736bb21ed8cc5e61753a6d7.1%26price%3D55FC6852F576BD07%26bi%3DB09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8%26PG%3DF%26did%3D%26didtype%3DUNK%26barefeed%3DT%26rand%3D1287238716%26seller_id%3D9929%26tm_user_ip%3D59dc12607309f79a1e60d0976a501731%26expaId%3D%26q%3DH4sIAAAAAAAAAGWRv08TYRjHuTug0JhAmpqYxuFsoinEXt_73YMBWwqltNdWjv6QmJj78R592-tdeXsHxREHo5ssGhx1UeMgm_wNxuhkdHWQqANhdLKITj7Dd3iSz_Mkn-_kD_3w7dfO5dsXjadPrsYej4Vn_d0eZDY9b9OBeg_1GdPrpgxkWRAzGUuDeBviNbgVwL4fOR699OYLGY8afnOwuuU2Fp2c38m0s72NJSvx_sUBwUXxRloI6qhQ8laU1nYlv9zsqOnP9z69mspGg2qx3hDbdk7Car6sqG65eXOfwKp3FzmOnhIZQCcayLW8nT5dXqdZwIB5eriQhHl6IAkzdKbXc2ADGkXkp0ReZniJThRX1tXSddpBHUjnodnxZujFFva6MKUoDGCEtCAwIktruq1j9Jc6IGhRsUyWk4DMA8WWFZ2FErCAIku6CFiZZ4-IWU7koaRwSloEtmkIvC3zkmFwLLTSpilCiZVFXpcsmWG_E-mJbw-oSJSvlSpBZalaKHaFdrupFuob-diUpSNntzuMoVsm6NAEIJRnzz8yJ9ceLZwSo8rwxy8imm-VAvcML1TkDG6pSN4Y7JHT0G95fSAne9izktu6tE9OY99InjeUtBHu-y_J0T7y4SEZCtyO6-24p2Qi_B8YGT9n4hd4BiS1cqaqrVTW96hCOIQDA5meO_3uvhCjaloufhYzI3_mZGGOQt1ell4eSl0a-BC7ulPFyIRr51QD-a0i3O1XJx9SIwfUv2OH1ES9mink7qxqRxQIkzUtQpZvxSiRFeKhbGDbuuPNjrECBzhufLlWKhWqcyE1M3RWzt0growcE69_fkhpvwEVHYwMsQIAAA**%26psId%3D3ULOuOEPIKm4jjXMIVZG%26page_url%3D&cpKey=rZ84uViILoH9hvOGFXkM&mpKey=btXxJqnWClDtkAjBpZEd&adKey=uPKVW5jfD6rMGN9MnNXQ&framework=vpaid&psId=3ULOuOEPIKm4jjXMIVZG&cd=%7B%22zip%22%3A%2214202%22%2C%22fbd%22%3A%7B%22ssb%22%3A%22F%22%2C%22psb%22%3A%22F%22%2C%22pd%22%3A%22dailymail.co.uk%22%2C%22mpw%22%3A%22401%22%2C%22mph%22%3A%22225%22%2C%22aburl%22%3A%22%22%7D%7D&price=55FC6852F576BD07&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&PG=F&pt=imp&cpId=721054&plcId=2528462&mpId=44337&adId=4118135257&psIdNum=50407&iasMon=F&env=site&conn=null&videoURL=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fpfadx%2FN1375681.3261625ADOBE%2FB26100003.326554515%3Bsz%3D0x0%3Bord%3D1287238716%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext%2Fxml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bamo%3Def_id%3DYjRM-gAN66WnSAAy%3A20220318041232%3Ad%26s_kwcid%3DAC%21uPKVW5jfD6rMGN9MnNXQ%21rZ84uViILoH9hvOGFXkM%3Bltd%3D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E9) /
Resource Hash
8869ee25045b203b10e7d561b5a818f6b424e59f0b65bd30bd00d822199f1151

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 21:44:11 GMT
server
ECAcc (nya/78E9)
age
33762
etag
"3737308179"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
14006
expires
Sat, 19 Mar 2022 09:12:34 GMT
integrator.js
adservice.google.com/adsid/ Frame 3FD0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3FD0 		49 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=39731558065206&correlator=375222027291543&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_right_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=1&adks=3514381609&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=in2w_key9001%3D1%26abv%3D4.1.93%26adx_channel%3D8%26amznbid%3D1y4n2f4%26amzniid%3DIrICk9IN9jy6i9Fz84N0l4sAAAF_nEzBOwEAAAv5AV8EuWM%26amznp%3D1m4mmm8%26amznsz%3D300x250%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26cmp%3Dccpa%26consent%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26gdpr%3D0%26hb_adid%3D2006dcd3a198a35e%26hb_adid_33across%3D2006dcd3a198a35e%26hb_adid_sharethrough%3D141de20c9532cda5%26hb_bidder%3D33across%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_format_sharethrou%3Dbanner%26hb_pb%3D0.43%26hb_pb_33across%3D0.43%26hb_pb_sharethrough%3D0.19%26hb_size%3D300x600%26hb_size_33across%3D300x600%26hb_size_sharethrough%3D300x600%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_skin_sharethrough%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26hb_source_sharethrou%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.43%26maxbid_bidder%3D33across%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dsky_right_top%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D81%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--2---%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h88qgz%26in2w_key7%3D842%26in2w_key8%3D81%252C82%252C83%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D15&eri=4&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594754580&dlt=1647594753046&idt=1513&biw=1600&bih=1200&isw=160&ish=600&adxs=1292&adys=43&oid=2&ucis=rso9pfpks5as&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x18&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594755&ga_hid=1344664261&ga_fc=true&btvi=0&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
65e74a5485d11381f71c4d62bb232e688f8afa1180fc4fdfc6e2187c2ae8e9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17674
x-xss-protection
0
google-lineitem-id
5787369563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376929203
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6f34471c3a779622f9cd63d182eff7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1AD7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f34471c3a779622f9cd63d182eff7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:12:34 GMT
expires
Sat, 18 Mar 2023 09:12:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame 9755 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=608673
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UK%2Bukfo0GkXbNAFjWndAzbOTnZ8fMEmp81XfJS2gYz4h4sAtOBkyX%2FDqqzlqYdXpr8xL0xr3PBTfeMC%2BH61WFrWCOJRIVFo4IDBsDVd3gOruLVax%2FpqxE0kuw8j3SC2AZdX0gNn7LL0IAN%2BotD013nBUA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8f09cee0ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1uszZW2o0zz1sIadoh
pixel.gif
px.moatads.com/ Frame 9755 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A22026445361%3A-&de=208439646755&t=1647594754709&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5064879769%26moatClientLevel2%3D2904122127%26moatClientLevel3%3D5787369563%26moatClientLevel4%3D138377414314%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D22026445361%26zMoatPS%3Dmpu_left%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=2022355925&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:34 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=MAILONLINE2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1647594748255&de=368340930201&rx=305135542903&m=0&ar=16e2d13da31-clean&iw=f4fab01&q=12&cb=0&cu=1647594748255&ll=2&lm=0&ln=0&em=0&en=0&d=5064879769%3A2904122127%3A5787369563%3A138377414314&cm=11&zMoatPS=mpu_left&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&bo=423397628&bp=22026445361&bd=mpu_left&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=22026445361&dfp=0%2C1&la=22026445361&gw=mailonlineprebidheader526476985912&fd=1&ac=1&it=500&pe=1%3A6335%3A6335%3A0%3A7697&iq=na&tt=na&jm=-1&fs=197504&na=292008702&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:34 GMT
truncated
/ Frame 9755 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39b20ccc1db18582bc0f379d86e28f32fbc7bf91384e3865e5ac5235807da5fc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
t.js
windaloop.com/ Frame D60F 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6103e6cbefbf86900a4f1fce48f124b93921e7c0ca6231e5e283b076b422827

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 17:16:09 GMT
content-encoding
br
last-modified
Thu, 17 Mar 2022 12:37:22 GMT
server
AmazonS3
age
57386
etag
W/"2f1a556ba2d0cfe8419072b7e55b184b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
x-amz-version-id
1vkcGzOQL03tkCCEdMWqoUPTRufbByaB
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-type
application/javascript
x-amz-cf-id
HJmLO82Oc3Why6uja4-WSJYj6XNhnhjbXUB5PxseALMzVOMHRRy3QA==
async_usersync.html
acdn.adnxs.com/dmp/ Frame 24B4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=1922&pub_id=2039057
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1647594753&bdh=HnvGallzzP_e8MEOBzVgyul9beQ.&&bdref=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html,https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&&id=23445757
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:34 GMT
Age
10408
X-Served-By
cache-lga13626-LGA, cache-ewr18178-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10674
X-Timer
S1647594755.780233,VS0,VE0
Vary
Accept-Encoding
trk.js
cdn.adnxs.com/v/s/224/ Frame D60F 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1647594753&bdh=HnvGallzzP_e8MEOBzVgyul9beQ.&&bdref=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html,https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&&id=23445757
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Content-Encoding
gzip
Age
1901645
X-Cache
MISS, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-ewr18161-EWR
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1647594755.793151,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
0, 74973
it
nym1-ib.adnxs.com/ Frame D60F 		0
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&e=wqT_3QLOCqBOBQAAAwDWAAUBCIKa0ZEGEL7LjPrAybmxfRjdxMjPqvLVoFgqNgkAAAECCPg_EQEHNAAA-D8ZAAAAwPUo-D8hERIAKREJADERG7Aw_YGXCziCD0CCD0gCUIvJjqUBWIubmAFgAGiS8rYBePvCBYABAYoBA1VTRJIFBvBVmAGsAqAB-gGoAQGwAQC4AQLAAQTIAQLQAQDYAQDgAQDwAQCKAjx1ZignYScsIDIxOTcyNTgsIDE2NDc1OTQ3NTQpO3VmKCdyJywgMzQ2MjY4ODExLCAuHwD0BQGSAvEDIXJrNVhmd2lsby04WUVJdkpqcVVCR0FBZ2k1dVlBVEFBT0FCQUEwaUNEMUQ5Z1pjTFdBQmc3UVZvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRT3dBUUM1QWI3UVRNVUFBUGdfd1FHLTBFekZBQUQ0UDhrQmlKUkdaZDhVX2pfWkFRQUFBQUFBQVBBXzRBRUE5UUVBQUFBQW1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU1UTXk0QVB2TFlnRUFKQUVBSmdFQWNFRUFBQUFBBXoIREpCBQgJARgyQVFBOFFRCQ0BARxJZ0ZqQ2lwQhETFFBBX3NRVQEaCQEITUVGCQkBAQREShUoDEFBQTAuKAAETmsuKACwZ0JmQ1RDZkFGay1TZkNQZ0ZpbzZHQVlJR0ExVlRSSWdHQUpBR0FaZ0dBS0VHAUwBASwtRC1vQmdHeUJpUUoBEA0BAFINCAEBAFoBBQ0BAGgNCEhBQUFDNEJnby6aApkBIW94Qi1fPvUBLEl1Ym1BRWdBeWdBTRXpUGdfT2dsT1dVMHlPalV4TXpKQTd5MRV5CDhEOR15AEIdeQBCHXkIQnBBFQEEQngVCxRBQjRBSWsueAH0UwEu2ALWCeACqORc6gKEAWh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay9uZXdzL2FydGljbGUtMjE4Nzk5OS9XaWxsLTE0OG0tRXVyb01pbGxpb25zLWphY2twb3Qtd2lubmVyLXNoYXJlLWZvcnR1bmUtbG9uZy1sb3N0LWhhbGYtYnJvdGhlci1tZXQuaHRtbIADAIgDAZADAJgDGaADAaoDAMADrALIAwDYA90c4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIECzk2LjkuMjQ5LjQyqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMTkyMiNOWU0yOjUxMzLaBAIIAeAEAPAEi8mOpQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGAR8wAADwP9AG6QbaBhYKEAkRGQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaBbQw3B5AAMgH-8IF0gcNCRE6ATgI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=b926e1b9a2ab46e2d33cd1f9d2a2f8aabe233fb1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cb948661-0d63-46fe-89e6-764ddcc5777c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame D60F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91146e2673380182c41fb63cfffad4a578631e1a80a60c706daf6abe2c64b6b5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ Frame D60F 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A21693274098%3A-&de=477560960505&t=1647594754738&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5094325174%26moatClientLevel2%3D2940406257%26moatClientLevel3%3D5847399795%26moatClientLevel4%3D138373656875%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D21693274098%26zMoatPS%3Dsky_left_top%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=1482889956&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:34 GMT
6b27a6b9-a17d-409f-af3f-782f4097af85
https://www.dailymail.co.uk/ Frame 9755 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/6b27a6b9-a17d-409f-af3f-782f4097af85
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
cm_:onejs_load_evt@v=1058,onejs_exec_time@v=1,aax_load_time@v=650,aax_load_time_one_tag@v=650,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame 3FD0 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1058,onejs_exec_time@v=1,aax_load_time@v=650,aax_load_time_one_tag@v=650,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=60a8b241-35f5-4335-869c-a1af2c3949e4&session=bb200f0f-9c43-4ee4-85dd-42faf3757918
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
x-amzn-RequestId
c7ea2e0e-6bf4-49ad-a116-d9d403ca93e4
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame A426 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=e0d60695-3cb3-4226-91f9-a35d415d8ff9&expiration=1655543554
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:34 GMT
csi
csi.gstatic.com/ Frame 95B6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l0w7dkzg&c=3543318666684&slotId=1771659333342&qqid=CPOn59-oz_YCFUAGaAgddTsFTA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C324123032%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 95B6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 08:30:30 GMT
x-content-type-options
nosniff
age
88924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 17 Mar 2023 08:30:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 95B6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 14:35:30 GMT
x-content-type-options
nosniff
age
239824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 14:35:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cy6XNAE00YvOnMsCMoPMP9faU4ATNsY_8aJCB5tK6D8WM4Z7eLxABIJS60ENgye6Oi8CkjBCgAbLQ1NICyAEFqAMByAObBKoE8gFP0Fwai4klNRsmvOA-hyLGeGqGQlg7GogH0PLmojpubX3O2gR_IOEXlKPTWXlHSyVZkk1AhVb0EbzEEkvW8j5ti-VAiaoAZm5UvjpDW56ZEAGEsq0v-vwLpX1PGiNShxxbMy9YQP9v2sxr1U8ezGjiDiugFS2A3bvIQNtL-sxQOZoLeLdLhdJD3Va75rQUgw_w9NrlJM09bnseQpJ_jh0PFqYozM8MrGzPyE2wJdJke0z6c1taoKORahcDEVjdf-Wr-etaCdZQaybbca_HQCwZgkipkoHMy3C2oqxcDXRLu6asYgCjBBNNN04dQbKnoVS4CcAE3Kv2wPQD4AQDkAYBoAZ2gAe2r6utAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB2ACgPICwHgCwGADAGwE_-xwQ7IE5HFhd8D0BMA2BMKiBQE2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1647594754762&ai=Cy6XNAE00YvOnMsCMoPMP9faU4ATNsY_8aJCB5tK6D8WM4Z7eLxABIJS60ENgye6Oi8CkjBCgAbLQ1NICyAEFqAMByAObBKoE8gFP0Fwai4klNRsmvOA-hyLGeGqGQlg7GogH0PLmojpubX3O2gR_IOEXlKPTWXlHSyVZkk1AhVb0EbzEEkvW8j5ti-VAiaoAZm5UvjpDW56ZEAGEsq0v-vwLpX1PGiNShxxbMy9YQP9v2sxr1U8ezGjiDiugFS2A3bvIQNtL-sxQOZoLeLdLhdJD3Va75rQUgw_w9NrlJM09bnseQpJ_jh0PFqYozM8MrGzPyE2wJdJke0z6c1taoKORahcDEVjdf-Wr-etaCdZQaybbca_HQCwZgkipkoHMy3C2oqxcDXRLu6asYgCjBBNNN04dQbKnoVS4CcAE3Kv2wPQD4AQDkAYBoAZ2gAe2r6utAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB2ACgPICwHgCwGADAGwE_-xwQ7IE5HFhd8D0BMA2BMKiBQE2BQB0BUB-BYBgBcB
Requested by
Host: 8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
URL: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 95B6 		28 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DE7DoG3i0t98UgC41jJPvdUvChjAGBXGY_UVSMDdvg3iLn0_YdPdYR1oFVNEZhLKLNAFUAZrKTNcAprdyMgL-ygkNAUA&cry=1&dbm_d=AKAmf-BP_kwm2rSaQnJ75EJL2hiYIiyPhFoQz55gBwljXy9C4-hZjA2_85MOML6nhvwBh3djxbt2vm0jzG0Ngyv_8mYkx3rKEV78xSWoRIjO4oiR5i4j2RF66V3_RTqkWVnrun-l0Uf3VtQgGgQRk05g3V2HNrbwspazruiJady-GZu6lKeYyJq9dfK4UNhbhTu-3YH3BMG9zzHZ4ZJmxwf2NGKKm1rZ9RsJdwYllhWVhfgbXn1E2Tvi0AB9YEnxKWpz0yvp9k6l1dTqDgzjQwbxMwyl9qq4CJhZoLrx57n4KuZWk_4PzleHkJYtPBBHzN-qIP0qH_Z3dhk8MIysZj_yQh85qKrTcxp8NpXkJOiS9hcBaMLLQYGuoHuhBBxELXsRJWvDIk44r9v6UZYCxR0UoV1yEgOePOvrkKCKLjGOPNI3H4a-Yd_fPY-N0OepC9PRjG-QbWz-2WA-tycJvYtgCM46Ey9b6MZcu9ZE4u1sIec2d5UnzNqclS6OpmExKsJ-HGxZcFXB5Oe9cs7vLFt-Q8luhvC6qYnxouk7W1TZw8DGZBvI971792w8pQaxN3UB0UzWZyy89i212w644qZSwkosCCS-tzaRFRVdz1RSMKB7SnITpf4oAOWRkWzrfWrcvwvRskrEPlHrJdQZw41zGgmpp2uY989QsV_vU4bGdijp84kltmIzKkSV8oqP5WmEPFt7DGo9lxUGScr3igNDxhCuuB97AMohTKCyW40DwaYVlymOQAPhHSnavOi53gbPrJTmIzAArfej5L_dMTeHCqKxJdnIDQZXTAvqFlq7921o0AlGn9YhW1tA9BAzlWnbIChvSMKAL3mjvI8OZkTnN9UBvGiAAuucNi4Vpr7SZaM9Of37enp_Eb00OgkWlb2bqDuSWHitA6ylKIfjwibe_e7C8Jt9FlfEvdUwi64f_-BfXChM0Fg2y0HrbMWWIEQ2wBevuozJy0s7w8MYF4AT_C6dtLbKM4dIg1cIOnlpUFg7YX9rVzzBg47IzisYefdRkev5gA6A_wLWMhBiwq4jCyP27zftmLqYU8OtAF7NP5J6CSnPb0b96oeoVkZG-dEWa-9c23iKmIS2kj1cSDlktSvFXr3fIY5XZhXXIXGKCHCRH1hLKEy3z8Vga75Vpg5nC612-N00J-zGuqjFbztKXeu_xLM8iSkGXGjvXDucYOgPrhmoRMPj2VhGz1S-ZSEK_vtc6tJJmWfE3JJKvKXvdXeBOzRpXfTNL-C0pfWaOj0owgE9rQoHODR1VGfJXeeAJETwatU48rPvlihBMuNQJXRFYIQkyMbSLT593F38Dmj3r1lQYnwWKzpbh5_76oo_hs0WoG8aiVD1_79Hxjuc2ZaO4royaHp-Dvig9ZrxGJIViv94dYUK1DKF2VnrBVPNboPRJwchdrTyGb-mv0gKPxosw0yQ1s8CL_lx93NHPzHCnoWFOmMWsvWtaalD8cM0wo--bWjS3DdDFSxVppObEVm_ruJjL1xrsiOv6Edp5ybg6dZ27aDpLrz4vHgI8FXf4HRrq82zbicditskEupMI53tUxXBsvbqLigpNzDi0J-V816esAw7mIWkTS1Fuf7h72SLfSnd_Yoh6thq9t3-_unoS2y32rgDNsetAPOhvNAgDzAgCLmXXFFDpEegbQdHyIAGGwLmydI_5fg-b4Ijj3ezBa5vklxbATNk-aqjCinumCGY3JKYB_38jbDc7FilySzy3MHIVRN70Bt2VV4L_Sys4PunqQURHfyhv-821o4YDDHAxh9vEKa2H98e6ch5abLIybPpRJIfG-k4ri0ruOGxQng4XcAL0L0WxP8FrjwGfaxMVWTWogyEKN5d_EXllPUQ51rjNjkb1MBOiowcORZfIU7BiCtYqdVugZMXo8fCCFjamrT5K2TF07d24m2QU2uYLsbvQI1QKQWV1TkY4Se41CfVQYuSE_G1ULz-Thfdrrijxw0SQ7n2oof0R54UdUZt133Wlq1ldXnFQALzM5fddy9K9Ni33JLG2ZtJKgOlPXHNMiVL2aHU7JvuC5Ydi3ygcOsR51zWkOX6mWyHVKIFijKqZvCWf0vcRjvnsBOCOO1pNQwhTkgftD0Id0R1Xs6v0QgRU_-OvyoBr-tsfw8JEusOBTH5FuOS9xMrj4PkY1r8OUpkIB8qjo6n2tiF6klC42C7HzBzpkvipzeLPgVMpZxEUmWIKCbPvzI-lXHw9Ezoa-NVRltdiIOfwdhl4q0qXghDCiN3eKu_yzB6cdR6N1Pll3z51opPLCTrJ7nhIeMjxXX21QjxLhhmFOYW-GahgmiGr8aZtg6I_-dYlQZGf72VMhhbDFl7Zj87edTGKi0794bOmvO7oNSmGHN-QnVeGmFTLyCANROPYdLTQj1ALOgZkLCgvLBERtMx_GWMcD9xicGCB4Ymcfl_EIoEzf3mDFhSwppxwcTOfjWWGnMS02JNfYiFe7SBU2NZgPZVLnvvXayp4zk5b2RuQ6SrQWjXqf_eWLr5RTUfKpJkLznET1uhlQGyjleOUGfhtbTUCpZCeCJEEn8NbkpLAUNu1sshpmi7GK-6OGhX2WwtHgsJsnNS_9hHlFD6fA9IwLQZ96uvQRahL08OkjUh4LnNTn45nqOUfujFVBI9gWVY-fqqa1Y6TAToy--edOVBab89ttrzTCIH4o_wupWUMh5hiTt007a33hXb7woWBN00Ng_gC39kFFWJrzMT00281soVwgK6jJg3UXU0pDAb5JJ_MCjmO4W3QNcFpbusCE17ypaSzhAdLLT7kBrmiHLR3Nlw3yO2s-hiLL0Yxk9LEQjXi_bfAaUrgoyMFGgonW6-10c4Qe7msDqeW2YzkTjAFeuQvMm_2WkwDtf_IFibzee4IU2EoSlxin1R6EgHQ3ar-MsWM8hDNcpNmiEzajyVgJh1v6DaCC729y_Gf_pjbE3Eo9wTR9uT706IxuXq41uv-mh57YQ4Sx28uH8UUJ5cpdiwGBFjba5EVpk1aUafjR697GBHsIUc7UjqMX7LCXaS5oaZHkrndZsXMZbLTGGLw8EL4F4xRrytbdMTvflI0qNqR-OpbdT_NuRQWaJSjXQGw0K1I957NP4x6J2jccHz6a8NEYa4DimnLvnoof_n43ot5KAFGwes3E-f3BIlCC-El50uWFcIJ5NHtl8YdIVA98BaCG7iajU27tbn_B194tCwzJfR35tf2sbs4SCnM247xvt0iQUPE-AHUXd5yrJFRIZlFYboA7dtkZe9LA9kbntpJCI2SrrQ&cid=CAASJORo7xfEfHREXLXqEZQ6AERxOtp4GanY6M2wxItuUHk9nE977g&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
10cab84ac191c069fe34c0c450f8b2d37e79c1b29ba8c9cfea494c8980910544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSync.html
js-sec.casalemedia.com/um/ Frame 1856 		130 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/cookieSync.html
Requested by
Host: js-sec.casalemedia.com
URL: https://js-sec.casalemedia.com/um/googleESP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7153244bfcbed22ffba812a6f631894dbed03a60e0748e1e8d3ef495e900fb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Thu, 22 Oct 2020 14:12:07 GMT
ETag
"e200fb-82-5b2430c98a4bb"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
113
Date
Fri, 18 Mar 2022 09:12:34 GMT
Connection
keep-alive
getad
aax-us-east.amazon-adsystem.com/x/ Frame 9755 		0
0
truncated
/ Frame 95B6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc526760dabe2f56d658092189bc227312f81653043ffbd78e0b53bd0ae86768

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
getad
aax-us-east.amazon-adsystem.com/x/ Frame D60F 		50 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
Server
Server
x-amz-rid
QFM8TRXHY0FNGZMZM7RS
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Length
50
adview
securepubads.g.doubleclick.net/pagead/ Frame 95B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGjV_AE00YvOnMsCMoPMP9faU4ATNsY_8aJCB5tK6D8WM4Z7eLxABIJS60ENgye6Oi8CkjBCgAbLQ1NICyAEFqAMBqgTvAU_QXBqLiSU1Gya84D6HIsZ4aoZCWDsaiAfQ8uaiOm5tfc7aBH8g4ReUo9NZeUdLJVmSTUCFVvQRvMQSS9byPm2L5UCJqgBmblS-OkNbnpkQAYSyrS_6_AulfU8aI1KHHFszL1hA_2_azGvVTx7MaOIOK6AVLYDdu8hA20v6zFA5mgt4t0uF0kPdVrvmtBSDD_D02uUkzT1uex5Ckn-OHQ8WpijMzwysbM_ITbAl0mR7TPpzW1r4ogufhJFXynvtE5FMHVeedV32hfaXAeumqgKdQi2bqNRY8A2vMd2TYmWjFVDULEWIjFsbVrnmXJ0UwATcq_bA9APgBAOIBZznqc89kgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAe2r6utAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMfhfhjTzr_EAdIIBwiAYRABGB2ACgPICwGwE_-xwQ7IE5HFhd8D0BMA2BMKiBQE2BQB0BUBgBcBshceChwIABIUcHViLTYzODQzODU3MzEwNTU2MDUYhIge&sigh=PqPDrYbXt08&uach_m=[UACH]&cid=CAQSOwCNIrLMVEoJx_rZR_T1narmjzAG9TYRqQfpr567Lm9MtaiI7AfyH4BlRd5jwOm9Lmlg880W19bVOxuj&vt=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.
Requested by
Host: 8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
URL: https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 3AD7 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:35 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6694ae69-23b1-4c2b-85b2-e9654b1430a9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 683D 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e8419e46-1382-4521-9e7e-cff58278ff96
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6C80 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:34 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
56f5ad2a-6cc6-4e9f-98bc-7a6986a8d654
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F040 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:40:48 GMT
expires
Fri, 17 Mar 2023 23:40:48 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
34306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6FE0 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9f2e445197f40a69565f192916189459f72e8c2bd0f34d6ebbc74255ffa2e03e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9fvJApbuW/1LUctvY8dXng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:12:34 GMT
date
Fri, 18 Mar 2022 09:12:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9fvJApbuW/1LUctvY8dXng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame BA57 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l0w7dl3q&c=3220033333770&slotId=1610016666885&qqid=COHw_9-oz_YCFRRYDQodYxQCnQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BA57 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 08:30:30 GMT
x-content-type-options
nosniff
age
88924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 17 Mar 2023 08:30:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BA57 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 14:35:30 GMT
x-content-type-options
nosniff
age
239824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 14:35:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA57 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C7dYsAU00YqHsDZSwNeOoiOgJzbGP_GiQgebSug_FjOGe3i8QASCUutBDYMnujovApIwQoAGy0NTSAsgBBagDAcgDmwSqBPIBT9CHMWgdP_dNW-7vtjyIfBmHnX1e9MuS6u052qHbzIBWmT4mJ4Juw22XVOVz6PjNxPpD1evih-fn09PBcgFL0zNd58g7wOCEn7iotIpcyYT6Fv-vp1_9a1gIUHjRHUKwHVmoQFwhVESLiGiP2zPFYlZHIL9gq60CX-w0r1kK_JnaJnB5u7m_BlxKw6gX10jv93SCnanSN1vfL8wyHCYCJjiBh8dzWmxEy2VzCTi7G73DoGmY3baMWR-7QAuGe1V0UafSzVUq3jzSgU_T29eQR-XI-9u6NvOCD_Fno6sUzEDuMuW0JwALc9W81X89X-DA3ULABNyr9sD0A-AEA5AGAaAGdoAHtq-rrQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBP_scEOyBORxYXfA9ATANgTCogUBNgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1647594754885&ai=C7dYsAU00YqHsDZSwNeOoiOgJzbGP_GiQgebSug_FjOGe3i8QASCUutBDYMnujovApIwQoAGy0NTSAsgBBagDAcgDmwSqBPIBT9CHMWgdP_dNW-7vtjyIfBmHnX1e9MuS6u052qHbzIBWmT4mJ4Juw22XVOVz6PjNxPpD1evih-fn09PBcgFL0zNd58g7wOCEn7iotIpcyYT6Fv-vp1_9a1gIUHjRHUKwHVmoQFwhVESLiGiP2zPFYlZHIL9gq60CX-w0r1kK_JnaJnB5u7m_BlxKw6gX10jv93SCnanSN1vfL8wyHCYCJjiBh8dzWmxEy2VzCTi7G73DoGmY3baMWR-7QAuGe1V0UafSzVUq3jzSgU_T29eQR-XI-9u6NvOCD_Fno6sUzEDuMuW0JwALc9W81X89X-DA3ULABNyr9sD0A-AEA5AGAaAGdoAHtq-rrQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBP_scEOyBORxYXfA9ATANgTCogUBNgUAdAVAfgWAYAXAQ
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame BA57 		29 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AU-42UwSiYU2-ECV15HdQdY2Gx6_YCOFFLV2lqbdn95mkKwg6qQ9npliEdPduw2R95vTVQbnQJyCFh8LmgegsKYPDkvg&cry=1&dbm_d=AKAmf-B0LRFJ5TYT4ID3d24BGuzLIOH8Q4WCFwLoOLfs9_weJ8RSgekVm2Wt4S5Ac4GrpFq-1rtjLIPh_oWtSmuWiCzKI4060fy1MIR5ayVofdocnUiSmMo_KbiewR7ge241dhF8LARR2v6C-9vymlgtYzj1D1X2dqLNAy00Ii-2n3CgRG4FTB0SHgGEa8Hk6rhgZ_Rxjjb-3T8Wz-Nrmse6z8DKW0ZaSW6Z6Hl5uP92dKwtdN0trhM9kwy4GxSZ8FUQ00qomFW6HCmJfmo7tVADhwQsK3Vz-aT70dQ2_GOWpP1ncIqkqw4L3gm8sqdCWjJovRBLxOSHrO7DaIyrA7G6QJUDkthc4QjvE-qDo4CfyvBfDrcJh1vnjdbNnc0GVLoXCnW-25b2TI0ba1vqTbR-qFO3JZc4PR5PDjA3JtWoXVFDE7sDHhmsjz6BJdG8JuEDOiha1uH5vmq2Oegu1TUfxuIIFzPUiE11kVA70DyRGjJfpg8Ww3Q_I7lWnGBS5cN3pCfzITVVQb8_FRASWP8ZIIjrgxSL-2Bn8uk9oknfwBG2keO2FNg2tqDzDkjdW2EQFhG9jmKNAezcwjhJW67nO_VmUSHKNquoFQtYr-tX7-svYM9vm6SYBsW_xVMJpiN1DGEdjiWsHRF8drtAa5zldOd5H0WVJTfBQqQzz7uDC4Tr8PLEzpSYQ3zXQNVKkluPFWWsH53nHv9g3JXjderNHMH4LkJ7MFgxzDIBaitba9I8CvHguRFA_imrqZ3VO-uJ3mDnYn_XbEX-EhwE__znvDTH_GmPTFbYZr3qJdWpAPvdQT10EEzsdzTdvjq6JOK781spG3QJv11RI1vLodTkMpufMliOQ3RbCsRc_gvSMcSzZDc_pHi02Ke5Wg0mHNFo3peilefE8IxNBrSz46Pc0ehqLz96XHwlv2-1DVv16iF4cxk4leYC9L16Q59IaeprJraflcSkngMtmJTVZ5vS-FxILWsl6phBXS4eOOzwIXfAzpEphIZqJjRDONN0rdx8hcEB-ZSkJjeV9iYv_Rm5BGwh8RK9qldv8pPrCye1B6qJzZ7gtwZLYe6ur8tRHPPui8ZVu069U2aFOE8WANKL0aWqkphpQFJWAaXxP9W3_ef_E2sNSSuQ7GBjQDP8pb7vlsbuO4g7ueooluzr-5bGtSbzSxcBfuehmPUnEvOJ_ffS5oLjbHFbn4apN8eLhsbFWkJfVVMzz3ig5R_qkKBbXvXxBkf-j5RgAJoIzc7peJgnj0e7ju6lwiXeLPZkwewWeP2Q-3p6l5rZ10T44YsEIfkn2YeBVko13stp3PWv5f35NOEztdvkIKVT28XIq-_wlJPTGPOuZOOwbl1ulQk9HtRrP0ltPnJG_Ydl6v8jWUGItVaQDOly3cUekndbzzWxgpUQyuZjEIF6TNfcphppDf0UrJNbtzEV0y85jWymqgA9M4W8WUlzF4A_PxpQjgJesSMPf5lOcViXX-rSFDpIGcmqluw7pgfH-F8Ko6WKc1j-rSXuMSNtC6aGD6uyLRHDvZ_lRVyDq3oHg41VLLkafGfUHvx3yAvTUs43mDorQW5HC5Um1M9ENL8yKqOhuhJZSVWSOrhhIjgt-1tHTkbgdhiJnCh9RoDIw_SPr-TXBxIW-5b4wG7d_6D-lHsJr8YAqA8BLObw-qG-tEQijN-_xpa5pBkdY79Nm7VI8_0zPhGQg9KGGlPtShoXmNSyDYaFrwo3SFHiHDDLs97nXNv2PkoQ4iLTT_kGbR0e90_e-8yP86VI-I03Xa3ApVoZaIPgQKWMbgX6V420rtH7dkMWXINmNPjZg5rps-lYmnwWu8eEUfdFbjnsyOXF-8ePw_gqkc9RS2lbKWD18Z6FirYIwrim6uh04S5AllBKP5_zSSg0odMxWz-2u7ZHSuytMr6hAdxyglNSPcZ-z_EwkB0PyGo6Efhmv40E0SH46l4cyY-jKqmMlqVIp9SdaeHhgr-QMA9ZwWWxNYHbeUMHZVl0azI1eE_43jsf-iD4NblOqCmyNnSTgYN2Rr2-Fp0qCaGR4Nmemgbr_-O4dKXgLBswife6SjlLbjISfBLYE2rAXmvG0hy3_KXMajisP9p-A4N0aXWYj4YB_zAdnpo_kabgXSekk7hIVVDc0a5fZxBQa_b5AfCVh4Da63GIWDAGXeHJcSwRbWCobeqzjDsZlhGqJZijKkSJEWlqHO-AJJxstdh3ALYhMaSwlr3eogx0evJQYwpNgi8EBWhnM37qiib-iJvKvbVmFyce7nX3eQrUiZz38C3GRZMlBh-h9GDLT2SuajR9Kr1ngfJn3N7XuLwZZE-N9LmX8hAKIEZ8eKbSbM-dWeWf9946K7wXmLfA_fpuGW2TQ0n7nJYoFrMAm_WWGZK-OU2KdefK-YcklItc4H-HeYm7iZvq1RTaMyjR0wH7_Cuw1O0_BIGvrv-p-8WnumoAyd-lptiQEEjzzlCouXrVatvu8eRAFmNwN16T23LLEyvwXIR7edJDkPCksmjmo1qFmFen0ssAmhr7K9Zt-NWBywx6pbcswIpisYC-rbOiW854hzb2tgepqBcoa447wi9AjxsTWjnjLzxTRp4e8a-QaaZwMnyABoZo5avtcrZTIGCXEfXpdiWY87Bo3rjsG8W9MlbYXS-el-jSlF1siX28m9bE9KrRkc6aJ8x3sjbOrY-KDro4N0zWsAVyctC9mlAPM5DrWPaUAeazFbfxkiM8uAojD9v_9Ihy6wNIkfc02AChVdLcax6RPYI8-ULjdczE15c_YB7KNyLM4yFNip92uFOy_hLarm5dnOElB8mIP-qvR7WFHCOdouy4dVeGV9DEVThFM9M53rr0axPgooalnKsibby_ZrOcFLbKdggRy9Rq0MA-0inD5cpWXHpU_Soag29ojFrYGz_a3bCc-RHBfTbZRhXnvyOeDr2Y701rIz-satt1hr2YZjCrTpwbpToYyx2S2y1ulkd_7EcT84JG95PW_bFEHmbS8Zfb96XBD_uvYMAalenGKD7Mt1ccXgIgGacWTockS-kvZs0qrz03vqUlKo0GHvRdnjJd9CxhX2l34SzSR30lnRTVsy9VrFHMs630DQoaauAluVChfnVnE1YUbeZ-_RH9Eg_58kkJGS4o865EnXfVYkv7T0bA6m2sBkIfX9zGWdK-YtICBhLrKS-ODGuCYroqe4BpaPhL7nTaksvN5OE-tluwNaCzZSU4C73H5snmdBnF4ffOGmmAtM0yJx7LRyz4-b11AquZC7ib7Vfe&cid=CAASJORovGXoqkGD4lo1p_ml-Az6olRjqROKHt4rVTPQjl4ZUC01Eg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
c8aab3c59ca67fc93877acea03a82f210181949e79d9b9bb12ed05f2c9054dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15483
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BA57 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca4y-AU00YqHsDZSwNeOoiOgJzbGP_GiQgebSug_FjOGe3i8QASCUutBDYMnujovApIwQoAGy0NTSAsgBBagDAaoE7wFP0IcxaB0_901b7u-2PIh8GYedfV70y5Lq7TnaodvMgFaZPiYngm7DbZdU5XPo-M3E-kPV6-KH5-fT08FyAUvTM13nyDvA4ISfuKi0ilzJhPoW_6-nX_1rWAhQeNEdQrAdWahAXCFURIuIaI_bM8ViVkcgv2CrrQJf7DSvWQr8mdomcHm7ub8GXErDqBfXSO_3dIKdqdI3W98vzDIcJgImOIGHx3NabETLZXMJOLsbvcOgaZjd7o3D6ijSTRTdx4JrEiTAwonToXGsqX33MRZc-sJ_0pMuYAK0_PoiNQLiWF3OU5jBjJRl-aRx2NNlVcAE3Kv2wPQD4AQDiAWc56nPPZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHtq-rrQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCQgHQY086_xAHSCAcIgGEQARgdgAoDyAsBsBP_scEOyBORxYXfA9ATANgTCogUBNgUAdAVAYAXAbIXHgocCAASFHB1Yi02Mzg0Mzg1NzMxMDU1NjA1GISIHg&sigh=A88ACb9LwSo&uach_m=[UACH]&cid=CAQSOwCNIrLMMT4veSOWDQfpYW4P-Ruw7ZQOJamuFwThVeb1N9wtuV4ksFbCuOBFKSmrWidZk138nn4KD67Y&vt=10
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
truncated
/ Frame BA57 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dd0b3cfdfdcf42a23f2472f47550c549f5b0fa9cea2bdd62a4954c32cdcf487

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 9755 		0
0
pw.js
cdn.includemodal.com/ Frame 6307 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5826
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594755.926616,VS0,VE0
date
Fri, 18 Mar 2022 09:12:34 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
61
view
securepubads.g.doubleclick.net/pcs/ Frame 6307 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvesMh_pVeaKqSbvo6EOKv1YnIOL7OSDu2Y8KD5AMMC76mqAd_N8KnKj1L1WaV0Fur4RgjP7pfzXL54mYNyMcPKCPWqPe1sBt7DnZFaJJh2f9tceZGmR1pvLJt_9JW7RxdOcamv9fPo83bzj5cc4E8pTQf-S3FwxZQ5tuZu-XifwXo_ePhs7bMF5qz_B1bXvME4fFzdJ9Aym-ibK2lodRpnidgdDIYAaPwbX5pOyciJit6L_zewKS-fleaaeaw6RuI963xqmTm9v-bd6smtNC-tI4ohKq7Z9mH5Qb5EGpdNBTEQUavG0TWyxGvlMONwXWW6ZRf8dRYT6GcrTgPmhYTqHG6xP3JpQgx27g&sig=Cg0ArKJSzFFeAEgUn_T1EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6307 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:34 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame 6307 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59313
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame 6307 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2904122127.Line%20Item%20ID.5787369563
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:34 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame 6307 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
3
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
ixCZuE02kCOi_t93POKtGjlFzaH4BtVQPOQC-FlPB7VPlJDug_x_YQ==
expires
Fri, 18 Mar 2022 09:17:31 GMT
integrator.js
adservice.google.com/adsid/ Frame 5920 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5920 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3514487170398668&correlator=256005128893451&eid=31065690%2C44752586%2C31063246%2C31065654&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_left&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250|350x300&ifi=3&adks=2340058067&sfv=1-0-38&ecs=20220318&ris=1&rcs=2&fsapi=false&didk=131155549&prev_scp=abv%3D4.1.93%26adx_channel%3D15%26amznbid%3D1y4n2f4%26amzniid%3DImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ%26amznp%3D1m4mmm8%26amznsz%3D300x250%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26cmp%3Dccpa%26consent%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26gdpr%3D0%26hb_adid%3D2311148ded2804e%26hb_adid_33across%3D232bbed5088872ee%26hb_adid_pubmatic%3D2311148ded2804e%26hb_bidder%3Dpubmatic%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_format_pubmatic%3Dbanner%26hb_pb%3D0.39%26hb_pb_33across%3D0.38%26hb_pb_pubmatic%3D0.39%26hb_size%3D300x250%26hb_size_33across%3D300x250%26hb_size_pubmatic%3D300x250%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_skin_pubmatic%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26hb_source_pubmatic%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.41%26maxbid_bidder%3Dtia%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dmpu_left%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D83%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx842%26in2w_key4%3D--28gz%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h33qgz%26in2w_key7%3D842%26in2w_key8%3D81%2C82%2C83%26in2w_key9001%3D3&eri=5&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594754934&dlt=1647594752632&idt=879&biw=1600&bih=1200&isw=350&ish=300&adxs=-42&adys=638&oid=2&ucis=lnhylxz4hm9u&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=350x36&msz=350x18&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594754&ga_hid=2040553901&ga_fc=true&btvi=0&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1b2fe8f471014617caf2a6881b2378b19eaf2927e0d56973eb3e8d3d7cdcf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9420
x-xss-protection
0
google-lineitem-id
248283068
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
133674874148
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2347 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssF0NWOA0y9-MBwQOfxwHnYbdQjv9EbnyxZyxFGICWVZGrh6R953_GXT9TcsVDwaQYUP0Q7mthF3MPIDqqDMIMVHCwOoFUKS2C9I8DrDIfsYl3RxGWbQHspskaZs1jGb2dx1hxIi7KqfXimn_p2R7YfxgxZjzmBc7pyTu5fGtZOy4qH9Ilw0u4ySulQoWAsxUraOKjrhR3n1DLvh79R3dP2VvlKhZ8emlBfcUE5cxs7CiG43c5dKT9B0hi0kS5DtNe0da1cUHP8AxLadqUyJgVs7Rrxu6bzE_19JsFg1iiIY-GWG7Ko-to9lYvC5GvmYl__ZXz_5yDWQM6HdnBSLSYD3_ljpY0NLxqCSD1pk5Oz&sig=Cg0ArKJSzA05JzvQt_t5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Mar 2022 09:12:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2347 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944ec6768e5401219eea69a8ae97bb72c7c39f6a9a0a48b532e1a56fec61f8ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10694
x-xss-protection
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 95B6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 23:39:42 GMT
file.mp4
r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 95B6
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/804E73E53FE7923F42AFB0A298F853957CC9EE03.6D0B509C9722261F36B8B782E2C9000E580ACF29/key/cms1/cms_redirect/yes/mh/bC/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznze/ms/onc/mt/1647593599/mv/u/mvi/4/pl/48/file/file.mp4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
2607:f8b0:4006:9::9 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:35 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2231163
Last-Modified
Fri, 11 Mar 2022 11:11:35 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 18 Mar 2022 09:12:35 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/804E73E53FE7923F42AFB0A298F853957CC9EE03.6D0B509C9722261F36B8B782E2C9000E580ACF29/key/cms1/cms_redirect/yes/mh/bC/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznze/ms/onc/mt/1647593599/mv/u/mvi/4/pl/48/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D2189,0,0,0,0%26mtos%3D2...
ade.googlesyndication.com/ddm/activity/ Frame 41F7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D2189,0,0,0,0%26mtos%3D2189,2189,2189,2189,2189%26amtos%3D0,0,0,0,0%26mcvt%3D2189%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2429%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D1%26dur%3D10645%26vmtime%3D2522%26dtos%3D2189%26dtoss%3D1%26dvs%3D2189%26dfvs%3D2189%26dvpt%3D2429%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2189;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554;ecn1=1;etm1=0;eid1=200000;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 41F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEbE72o5hgZyfKvwTArgdHPGbnzBr5Fn42qHw6GBhUAgQupo_KlirGzmzWKmWKH1aIqEy3OdPf97sCoSmh6wEM9N_z7xICTI685D65-E1xP0Vk7xA&sai=AMfl-YTdcf9K5oUzbmVtcPE50FHPZMXpWzGFZoGP1UYasWxCctUF7yCypBsw2DpxHhJzfgieI-4l_RQMXUw8b3BvA8viqCiGzbxmHzCFgiw7gDzUlPrT_gZI6F-TqsA&sig=Cg0ArKJSzGmcz7bsydIgEAE&cid=CAASJORowlt1s59gUABx6A3QWbEntoDn2DYYNO4HlQtsX78cX-AiQA&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D2189,0,0,0,0%26mtos%3D2189,2189,2189,2189,2189%26amtos%3D0,0,0,0,0%26mcvt%3D2189%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2429%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D1%26dur%3D10645%26vmtime%3D2522%26dtos%3D2189%26dtoss%3D1%26dvs%3D2189%26dfvs%3D2189%26dvpt%3D2429%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2189&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 24B4 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=1922&pub_id=2039057&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=1922&pub_id=2039057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:35 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2f078f44-0d25-409f-913c-e7b4dc3ec558
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3FD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiInmh21Zm_J1KFNBSGj-zB1bu7N9SMxm7QJb9CKa3ebKGywIl7qSMqmIeLB75JZR-covQX-BjwvIr41V2-ho-JN2B_E-mhf499fHY9RGHnUXdsiAAa9FRFq5dh42S7O8c93Bwtta7w1oeZ4G6xzGnynIufDygWHhla-pPsPQoiKk6lx-Kq7Wp4mz_b-ocn9tljiYez75Ud4MzYNvh3nOzDRhJz41aXAkce85jOicd20Y1-5qrA3asS7E3u4w6qR2St8DziK52Ar_fYWd4t32lPvuHtv1Brobzjf2SP6DE38oAGrXEeItTFZnVjeEpw9ehbO22lhT3G_x_l5ichEcaG7DuLsZbb6BO-T9qb28jF_s&sig=Cg0ArKJSzBiIOranlofZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Mar 2022 09:12:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3FD0 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ebe8c45c51d8500d3ad8e40f4ac5118b548a0b3cb700cd6cd9a32cf81aa5c5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10649
x-xss-protection
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame BA57 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 23:39:42 GMT
file.mp4
r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BA57
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1389B2C7C45FC8F7E6A5C646E8E37F756B9108FD.7D93FD05A1018FC8B53A945F5E0A0CAD7C009C77/key/cms1/cms_redirect/yes/mh/bC/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznze/ms/onc/mt/1647593599/mv/u/mvi/4/pl/48/file/file.mp4
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
2607:f8b0:4006:9::9 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:35 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2231163
Last-Modified
Fri, 11 Mar 2022 11:11:35 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 18 Mar 2022 09:12:35 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1389B2C7C45FC8F7E6A5C646E8E37F756B9108FD.7D93FD05A1018FC8B53A945F5E0A0CAD7C009C77/key/cms1/cms_redirect/yes/mh/bC/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznze/ms/onc/mt/1647593599/mv/u/mvi/4/pl/48/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame D60F 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&e=wqT_3QLOCqBOBQAAAwDWAAUBCIKa0ZEGEL7LjPrAybmxfRjdxMjPqvLVoFgqNgkAAAECCPg_EQEHNAAA-D8ZAAAAwPUo-D8hERIAKREJADERG7Aw_YGXCziCD0CCD0gCUIvJjqUBWIubmAFgAGiS8rYBePvCBYABAYoBA1VTRJIFBvBVmAGsAqAB-gGoAQGwAQC4AQLAAQTIAQLQAQDYAQDgAQDwAQCKAjx1ZignYScsIDIxOTcyNTgsIDE2NDc1OTQ3NTQpO3VmKCdyJywgMzQ2MjY4ODExLCAuHwD0BQGSAvEDIXJrNVhmd2lsby04WUVJdkpqcVVCR0FBZ2k1dVlBVEFBT0FCQUEwaUNEMUQ5Z1pjTFdBQmc3UVZvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRT3dBUUM1QWI3UVRNVUFBUGdfd1FHLTBFekZBQUQ0UDhrQmlKUkdaZDhVX2pfWkFRQUFBQUFBQVBBXzRBRUE5UUVBQUFBQW1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU1UTXk0QVB2TFlnRUFKQUVBSmdFQWNFRUFBQUFBBXoIREpCBQgJARgyQVFBOFFRCQ0BARxJZ0ZqQ2lwQhETFFBBX3NRVQEaCQEITUVGCQkBAQREShUoDEFBQTAuKAAETmsuKACwZ0JmQ1RDZkFGay1TZkNQZ0ZpbzZHQVlJR0ExVlRSSWdHQUpBR0FaZ0dBS0VHAUwBASwtRC1vQmdHeUJpUUoBEA0BAFINCAEBAFoBBQ0BAGgNCEhBQUFDNEJnby6aApkBIW94Qi1fPvUBLEl1Ym1BRWdBeWdBTRXpUGdfT2dsT1dVMHlPalV4TXpKQTd5MRV5CDhEOR15AEIdeQBCHXkIQnBBFQEEQngVCxRBQjRBSWsueAH0UwEu2ALWCeACqORc6gKEAWh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay9uZXdzL2FydGljbGUtMjE4Nzk5OS9XaWxsLTE0OG0tRXVyb01pbGxpb25zLWphY2twb3Qtd2lubmVyLXNoYXJlLWZvcnR1bmUtbG9uZy1sb3N0LWhhbGYtYnJvdGhlci1tZXQuaHRtbIADAIgDAZADAJgDGaADAaoDAMADrALIAwDYA90c4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIECzk2LjkuMjQ5LjQyqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMTkyMiNOWU0yOjUxMzLaBAIIAeAEAPAEi8mOpQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGAR8wAADwP9AG6QbaBhYKEAkRGQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaBbQw3B5AAMgH-8IF0gcNCRE6ATgI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=b926e1b9a2ab46e2d33cd1f9d2a2f8aabe233fb1&type=nv&nvt=5&jm=1003&px=8&py=25&bw=300&bh=250&sid=5515550001999026630&vd=ct~0|rr~0&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=23445757&sw=1600&sh=1200&pw=1642&ph=62021&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:35 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ce3075c2-b9af-4c82-895f-d55d5214fb9b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
zkxqnlb5wnagicu4bjotp.json
windaloop.com/c/ Frame D60F 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/c/zkxqnlb5wnagicu4bjotp.json
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b1494a7e2fdcefd9af0ae6c01e3013f8405fd1dcd463efca33d718c13157ffd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iBKzYs6Cpp9tLUKyMUMuRkBz32ioe7lF
via
1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
last-modified
Wed, 16 Mar 2022 10:46:52 GMT
server
AmazonS3
age
80626
etag
"8566c0b8a82c9cb9518c29360ba12728"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
date
Thu, 17 Mar 2022 10:48:50 GMT
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
1466
x-amz-cf-id
gwmRbLCA7COM-iEKgEeqwhbA6a_PkWDasR0whk-eKO8_m5IMfzIi5g==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2347 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
debug
ch-trc-events.taboola.com/dailymail-us/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/dailymail-us/log/2/debug?tim=09%3A12%3A35.083&type=warn&msg=Load%20publisher%20card%3A%20most%20watched%20videos%20on%20Card%3A%207%20with%20the%20anchor%20element%20selector%3A%20%23most-watched-videos-lazy-container%20failed%20after%205%20retries&llvl=2&id=6600&cv=20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT&lt=explore-more-header-ab-test_var&idx=pc&pc=most%20watched%20videos&st=0&sel=%23most-watched-videos-lazy-container&slot=7&plat=DESK
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Islington, United Kingdom, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21785
esp.js
oa.openxcdn.net/ Frame 3FD0 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 09:40:20 GMT
content-encoding
gzip
age
257535
x-guploader-uploadid
ADPycdtB7ppzsE7Kvtw3yaCr8M9mT0RcXU4rd0Ta9KzgOiurCyq9JNG_3Tamn5LlmjBc-UDXw0emzZzMQVOcLlmwyZY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 15 Mar 2023 09:40:20 GMT
googleESP.js
js-sec.casalemedia.com/um/ Frame 3FD0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/googleESP.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ce5d3d6ec0557a963ab2bb4df4d2bf46282b75db6493c955b77255a8396630c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 19:23:40 GMT
Server
Apache
ETag
"e20064-9e5-5d8279649fb38"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
1174
pw.js
cdn.includemodal.com/ Frame ED83 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5826
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594755.117875,VS0,VE0
date
Fri, 18 Mar 2022 09:12:35 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
62
view
securepubads.g.doubleclick.net/pcs/ Frame ED83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3JlxvICv8e7c_Hyuu0HOt3QqEBfrQl7bvN7T_Q3UbQYyw6JXho07lVYKHd7KeYBh8lwoTcEuT8b64vkZNADV7O1Sqfhi-U9NpzsbQ7WsCBFGjSWaa_HDqjBBkHz81aKoKHvQEJsq3wQuvYRZQiDxYPPudzI4kob7o4xR0hGvv696uzsf4n_uXz-RhStMHatLB3MTgxf5p3e7KVOWjEDJb1vkG7_tTeyrti0geZ29oGqkaA50xw2Nzar6CcJkjd5Q5Kx60knn4gMe7t87OB2EfIUg06HQzI8-0UE_IKJxiuZ0wiH7D42wtg48ObYq1sRgAgzM_zaRSdWrF30nVD3uMFUqDG4Dmr1yeGi2PH4-b&sig=Cg0ArKJSzFoQnHW0LmBREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED83 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame ED83 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59312
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame ED83 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2904122127.Line%20Item%20ID.5787369563
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame ED83 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
4
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
fqR_jrQtlf_LHPpNMlIBYBqJyv6NgXtllrUztDTbyuoYTaGzqXDWPg==
expires
Fri, 18 Mar 2022 09:17:31 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3FD0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame 6307 		0
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=499949
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vAr1Qu%2Bc4YpARoz%2B0eZ8u3geYDUltPYrHKBEGmjykRBKNS1Zc9XxU0K8CgxSX2nkVjmBgfiuZwu0y8YA8XLdpafo8YfHZZk0fo%2FkyuhMpab8GwOQkJNSrETWmpOy%2FDDK47Ua1tM4yJ1aUqFpH%2FVVwMRqg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8f3afff0ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1us1OOgkhhOWkBjWmC
dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D2348,0,0,0,0%26mtos%3D2...
ade.googlesyndication.com/ddm/activity/ Frame 41F7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D2348,0,0,0,0%26mtos%3D2348,2348,2348,2348,2348%26amtos%3D0,0,0,0,0%26mcvt%3D2348%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2588%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D1%26dur%3D10645%26vmtime%3D2681%26dtos%3D159%26dtoss%3D2%26dvs%3D159%26dfvs%3D159%26dvpt%3D159%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2348,2348,2348,2348,2348%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2348;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554;ecn1=1;etm1=0;eid1=960584;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 41F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8n7l_kw0YsOwNMmFoPMPg82D2AaVoeP3aO-5mNO3D8_ptfDiJRABIJS60ENgye6Oi8CkjBCgAcq4i7AByAEFqAMByAObBKoE7QFP0PdQJtFqS_0Tx0Y7tTd7jH9Eu77mOhd9FC18w9lwWz9NxfkUNRA7pzFK1VfuJmYDzNCBUMQ8_WyxpHT4pp_Ys-vV-ucupgtleJIrSO2dFsNuuTB9wGUzaA1LMAR9UoPvEkXcTWCSGuqkRzsfN_LkF78tkGydhqw4KBN3oOsdF3d_l84NBJ9aDPctCFQnKd9tvEwsg-teiGHGdaaoKlBPV2myqw_OnZgJw5Ve6IOAnmJxTJJthJtWr-Fei1Y50NvO9SMSeV5BqfjqSy8lvOs5DafN0hy6ndjl0mf2PeeJA69DBLCCyl0RTRBIxvPABPa7o83wA-AEA5AGAaAGdoAHnsf0zwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBO8t8AO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=8nGxUEKH_1g&label=videoplaytime25&ad_mt=2681&acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D2348,0,0,0,0%26mtos%3D2348,2348,2348,2348,2348%26amtos%3D0,0,0,0,0%26mcvt%3D2348%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2588%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D1%26dur%3D10645%26vmtime%3D2681%26dtos%3D159%26dtoss%3D2%26dvs%3D159%26dfvs%3D159%26dvpt%3D159%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2348,2348,2348,2348,2348%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2348&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm_:onejs_load_evt@v=1334,onejs_exec_time@v=0,aax_load_time@v=333,aax_load_time_one_tag@v=333,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame D60F 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1334,onejs_exec_time@v=0,aax_load_time@v=333,aax_load_time_one_tag@v=333,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=3ef31b91-160e-4203-96cf-63f74b9fe60a&session=6a5c9927-0737-44de-82dc-64d163c7c23b
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:34 GMT
x-amzn-RequestId
ab6384ac-1aac-4ce7-a1dd-09ee6e182fe9
Content-Type
text/plain
integrator.js
adservice.google.com/adsid/ Frame 3FD0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3FD0 		50 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=39731558065206&correlator=375222027291543&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_right_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=2&adks=3514381609&sfv=1-0-38&ecs=20220318&ris=1&rcs=1&fsapi=false&prev_scp=abv%3D4.1.93%26adx_channel%3D8%26amznbid%3D1y4n2f4%26amzniid%3DIrICk9IN9jy6i9Fz84N0l4sAAAF_nEzBOwEAAAv5AV8EuWM%26amznp%3D1m4mmm8%26amznsz%3D300x250%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26cmp%3Dccpa%26consent%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26gdpr%3D0%26hb_adid%3D2006dcd3a198a35e%26hb_adid_33across%3D2006dcd3a198a35e%26hb_adid_sharethrough%3D141de20c9532cda5%26hb_bidder%3D33across%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_format_sharethrou%3Dbanner%26hb_pb%3D0.43%26hb_pb_33across%3D0.43%26hb_pb_sharethrough%3D0.19%26hb_size%3D300x600%26hb_size_33across%3D300x600%26hb_size_sharethrough%3D300x600%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_skin_sharethrough%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26hb_source_sharethrou%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.43%26maxbid_bidder%3D33across%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dsky_right_top%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D82%26in2w_key15%3Do0%26in2w_key16%3D12%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--2-88%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h88qgz%26in2w_key7%3D842%26in2w_key8%3D81%2C82%2C83%26in2w_key9001%3D2%26in2w_key3%3Dadx842%26in2w_key12%3Doptimization&eri=5&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594755163&dlt=1647594753046&idt=1513&biw=1600&bih=1200&isw=160&ish=600&adxs=1292&adys=43&oid=2&ucis=rso9pfpks5as&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x36&msz=160x18&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594755&ga_hid=1344664261&ga_fc=true&btvi=0&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
05d0d4e2bee3bfea091b101d2a8b4be411b2a6764c390dfc04c5c84c535dae38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17937
x-xss-protection
0
google-lineitem-id
5787369563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377414323
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 6D37 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:39:43 GMT
expires
Fri, 17 Mar 2023 23:39:43 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
34372
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
noop
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
130 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsf-tm.everesttech.net/stats/1/noop?event=initAd&sessId=undefined&cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&mpKey=btXxJqnWClDtkAjBpZEd&psId=3ULOuOEPIKm4jjXMIVZG&feedId=btXxJqnWClDtkAjBpZEd&rurl=https%3A%2F%2Fwww.dailymail.co.uk&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&price=55FC6852F576BD07&apv=undefined&rt=HTML5&smpl=1
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/vpaidjsproxy-20201012.js?feedURL=https%3A%2F%2Fas-tm.everesttech.net%2Ffeed%2Fplacement.js%3Fid%3DbtXxJqnWClDtkAjBpZEd%26tm_auction_id%3D253e6929850fcb43f736bb21ed8cc5e61753a6d7.1%26price%3D55FC6852F576BD07%26bi%3DB09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8%26PG%3DF%26did%3D%26didtype%3DUNK%26barefeed%3DT%26rand%3D1287238716%26seller_id%3D9929%26tm_user_ip%3D59dc12607309f79a1e60d0976a501731%26expaId%3D%26q%3DH4sIAAAAAAAAAGWRv08TYRjHuTug0JhAmpqYxuFsoinEXt_73YMBWwqltNdWjv6QmJj78R592-tdeXsHxREHo5ssGhx1UeMgm_wNxuhkdHWQqANhdLKITj7Dd3iSz_Mkn-_kD_3w7dfO5dsXjadPrsYej4Vn_d0eZDY9b9OBeg_1GdPrpgxkWRAzGUuDeBviNbgVwL4fOR699OYLGY8afnOwuuU2Fp2c38m0s72NJSvx_sUBwUXxRloI6qhQ8laU1nYlv9zsqOnP9z69mspGg2qx3hDbdk7Car6sqG65eXOfwKp3FzmOnhIZQCcayLW8nT5dXqdZwIB5eriQhHl6IAkzdKbXc2ADGkXkp0ReZniJThRX1tXSddpBHUjnodnxZujFFva6MKUoDGCEtCAwIktruq1j9Jc6IGhRsUyWk4DMA8WWFZ2FErCAIku6CFiZZ4-IWU7koaRwSloEtmkIvC3zkmFwLLTSpilCiZVFXpcsmWG_E-mJbw-oSJSvlSpBZalaKHaFdrupFuob-diUpSNntzuMoVsm6NAEIJRnzz8yJ9ceLZwSo8rwxy8imm-VAvcML1TkDG6pSN4Y7JHT0G95fSAne9izktu6tE9OY99InjeUtBHu-y_J0T7y4SEZCtyO6-24p2Qi_B8YGT9n4hd4BiS1cqaqrVTW96hCOIQDA5meO_3uvhCjaloufhYzI3_mZGGOQt1ell4eSl0a-BC7ulPFyIRr51QD-a0i3O1XJx9SIwfUv2OH1ES9mink7qxqRxQIkzUtQpZvxSiRFeKhbGDbuuPNjrECBzhufLlWKhWqcyE1M3RWzt0growcE69_fkhpvwEVHYwMsQIAAA**%26psId%3D3ULOuOEPIKm4jjXMIVZG%26page_url%3D&cpKey=rZ84uViILoH9hvOGFXkM&mpKey=btXxJqnWClDtkAjBpZEd&adKey=uPKVW5jfD6rMGN9MnNXQ&framework=vpaid&psId=3ULOuOEPIKm4jjXMIVZG&cd=%7B%22zip%22%3A%2214202%22%2C%22fbd%22%3A%7B%22ssb%22%3A%22F%22%2C%22psb%22%3A%22F%22%2C%22pd%22%3A%22dailymail.co.uk%22%2C%22mpw%22%3A%22401%22%2C%22mph%22%3A%22225%22%2C%22aburl%22%3A%22%22%7D%7D&price=55FC6852F576BD07&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&PG=F&pt=imp&cpId=721054&plcId=2528462&mpId=44337&adId=4118135257&psIdNum=50407&iasMon=F&env=site&conn=null&videoURL=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fpfadx%2FN1375681.3261625ADOBE%2FB26100003.326554515%3Bsz%3D0x0%3Bord%3D1287238716%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext%2Fxml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bamo%3Def_id%3DYjRM-gAN66WnSAAy%3A20220318041232%3Ad%26s_kwcid%3DAC%21uPKVW5jfD6rMGN9MnNXQ%21rZ84uViILoH9hvOGFXkM%3Bltd%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
via
1.1 varnish
x-pt
P=173
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18156-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
aac_viewability-ab8b7a.js
playtime.tubemogul.com/ud/prod/pullins/ Frame 3CC1 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/vpaidjsproxy-20201012.js?feedURL=https%3A%2F%2Fas-tm.everesttech.net%2Ffeed%2Fplacement.js%3Fid%3DbtXxJqnWClDtkAjBpZEd%26tm_auction_id%3D253e6929850fcb43f736bb21ed8cc5e61753a6d7.1%26price%3D55FC6852F576BD07%26bi%3DB09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8%26PG%3DF%26did%3D%26didtype%3DUNK%26barefeed%3DT%26rand%3D1287238716%26seller_id%3D9929%26tm_user_ip%3D59dc12607309f79a1e60d0976a501731%26expaId%3D%26q%3DH4sIAAAAAAAAAGWRv08TYRjHuTug0JhAmpqYxuFsoinEXt_73YMBWwqltNdWjv6QmJj78R592-tdeXsHxREHo5ssGhx1UeMgm_wNxuhkdHWQqANhdLKITj7Dd3iSz_Mkn-_kD_3w7dfO5dsXjadPrsYej4Vn_d0eZDY9b9OBeg_1GdPrpgxkWRAzGUuDeBviNbgVwL4fOR699OYLGY8afnOwuuU2Fp2c38m0s72NJSvx_sUBwUXxRloI6qhQ8laU1nYlv9zsqOnP9z69mspGg2qx3hDbdk7Car6sqG65eXOfwKp3FzmOnhIZQCcayLW8nT5dXqdZwIB5eriQhHl6IAkzdKbXc2ADGkXkp0ReZniJThRX1tXSddpBHUjnodnxZujFFva6MKUoDGCEtCAwIktruq1j9Jc6IGhRsUyWk4DMA8WWFZ2FErCAIku6CFiZZ4-IWU7koaRwSloEtmkIvC3zkmFwLLTSpilCiZVFXpcsmWG_E-mJbw-oSJSvlSpBZalaKHaFdrupFuob-diUpSNntzuMoVsm6NAEIJRnzz8yJ9ceLZwSo8rwxy8imm-VAvcML1TkDG6pSN4Y7JHT0G95fSAne9izktu6tE9OY99InjeUtBHu-y_J0T7y4SEZCtyO6-24p2Qi_B8YGT9n4hd4BiS1cqaqrVTW96hCOIQDA5meO_3uvhCjaloufhYzI3_mZGGOQt1ell4eSl0a-BC7ulPFyIRr51QD-a0i3O1XJx9SIwfUv2OH1ES9mink7qxqRxQIkzUtQpZvxSiRFeKhbGDbuuPNjrECBzhufLlWKhWqcyE1M3RWzt0growcE69_fkhpvwEVHYwMsQIAAA**%26psId%3D3ULOuOEPIKm4jjXMIVZG%26page_url%3D&cpKey=rZ84uViILoH9hvOGFXkM&mpKey=btXxJqnWClDtkAjBpZEd&adKey=uPKVW5jfD6rMGN9MnNXQ&framework=vpaid&psId=3ULOuOEPIKm4jjXMIVZG&cd=%7B%22zip%22%3A%2214202%22%2C%22fbd%22%3A%7B%22ssb%22%3A%22F%22%2C%22psb%22%3A%22F%22%2C%22pd%22%3A%22dailymail.co.uk%22%2C%22mpw%22%3A%22401%22%2C%22mph%22%3A%22225%22%2C%22aburl%22%3A%22%22%7D%7D&price=55FC6852F576BD07&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&PG=F&pt=imp&cpId=721054&plcId=2528462&mpId=44337&adId=4118135257&psIdNum=50407&iasMon=F&env=site&conn=null&videoURL=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fpfadx%2FN1375681.3261625ADOBE%2FB26100003.326554515%3Bsz%3D0x0%3Bord%3D1287238716%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext%2Fxml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bamo%3Def_id%3DYjRM-gAN66WnSAAy%3A20220318041232%3Ad%26s_kwcid%3DAC%21uPKVW5jfD6rMGN9MnNXQ%21rZ84uViILoH9hvOGFXkM%3Bltd%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79B4) /
Resource Hash
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 01:39:46 GMT
server
ECAcc (nya/79B4)
age
3879
etag
"1983306799"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
4789
expires
Sat, 19 Mar 2022 09:12:35 GMT
noop
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsf-tm.everesttech.net/stats/1/noop?event=vLoaded&sessId=undefined&cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&mpKey=btXxJqnWClDtkAjBpZEd&psId=3ULOuOEPIKm4jjXMIVZG&feedId=btXxJqnWClDtkAjBpZEd&rurl=https%3A%2F%2Fwww.dailymail.co.uk&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&price=55FC6852F576BD07&apv=undefined&rt=HTML5&smpl=1
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/vpaidjsproxy-20201012.js?feedURL=https%3A%2F%2Fas-tm.everesttech.net%2Ffeed%2Fplacement.js%3Fid%3DbtXxJqnWClDtkAjBpZEd%26tm_auction_id%3D253e6929850fcb43f736bb21ed8cc5e61753a6d7.1%26price%3D55FC6852F576BD07%26bi%3DB09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8%26PG%3DF%26did%3D%26didtype%3DUNK%26barefeed%3DT%26rand%3D1287238716%26seller_id%3D9929%26tm_user_ip%3D59dc12607309f79a1e60d0976a501731%26expaId%3D%26q%3DH4sIAAAAAAAAAGWRv08TYRjHuTug0JhAmpqYxuFsoinEXt_73YMBWwqltNdWjv6QmJj78R592-tdeXsHxREHo5ssGhx1UeMgm_wNxuhkdHWQqANhdLKITj7Dd3iSz_Mkn-_kD_3w7dfO5dsXjadPrsYej4Vn_d0eZDY9b9OBeg_1GdPrpgxkWRAzGUuDeBviNbgVwL4fOR699OYLGY8afnOwuuU2Fp2c38m0s72NJSvx_sUBwUXxRloI6qhQ8laU1nYlv9zsqOnP9z69mspGg2qx3hDbdk7Car6sqG65eXOfwKp3FzmOnhIZQCcayLW8nT5dXqdZwIB5eriQhHl6IAkzdKbXc2ADGkXkp0ReZniJThRX1tXSddpBHUjnodnxZujFFva6MKUoDGCEtCAwIktruq1j9Jc6IGhRsUyWk4DMA8WWFZ2FErCAIku6CFiZZ4-IWU7koaRwSloEtmkIvC3zkmFwLLTSpilCiZVFXpcsmWG_E-mJbw-oSJSvlSpBZalaKHaFdrupFuob-diUpSNntzuMoVsm6NAEIJRnzz8yJ9ceLZwSo8rwxy8imm-VAvcML1TkDG6pSN4Y7JHT0G95fSAne9izktu6tE9OY99InjeUtBHu-y_J0T7y4SEZCtyO6-24p2Qi_B8YGT9n4hd4BiS1cqaqrVTW96hCOIQDA5meO_3uvhCjaloufhYzI3_mZGGOQt1ell4eSl0a-BC7ulPFyIRr51QD-a0i3O1XJx9SIwfUv2OH1ES9mink7qxqRxQIkzUtQpZvxSiRFeKhbGDbuuPNjrECBzhufLlWKhWqcyE1M3RWzt0growcE69_fkhpvwEVHYwMsQIAAA**%26psId%3D3ULOuOEPIKm4jjXMIVZG%26page_url%3D&cpKey=rZ84uViILoH9hvOGFXkM&mpKey=btXxJqnWClDtkAjBpZEd&adKey=uPKVW5jfD6rMGN9MnNXQ&framework=vpaid&psId=3ULOuOEPIKm4jjXMIVZG&cd=%7B%22zip%22%3A%2214202%22%2C%22fbd%22%3A%7B%22ssb%22%3A%22F%22%2C%22psb%22%3A%22F%22%2C%22pd%22%3A%22dailymail.co.uk%22%2C%22mpw%22%3A%22401%22%2C%22mph%22%3A%22225%22%2C%22aburl%22%3A%22%22%7D%7D&price=55FC6852F576BD07&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&PG=F&pt=imp&cpId=721054&plcId=2528462&mpId=44337&adId=4118135257&psIdNum=50407&iasMon=F&env=site&conn=null&videoURL=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fpfadx%2FN1375681.3261625ADOBE%2FB26100003.326554515%3Bsz%3D0x0%3Bord%3D1287238716%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext%2Fxml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bamo%3Def_id%3DYjRM-gAN66WnSAAy%3A20220318041232%3Ad%26s_kwcid%3DAC%21uPKVW5jfD6rMGN9MnNXQ%21rZ84uViILoH9hvOGFXkM%3Bltd%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
via
1.1 varnish
x-pt
P=187
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18156-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;amo=ef_id=YjRM-gAN66WnSAAy:20220318041232:d&s_kwcid=AC!uPKVW5jfD6rMGN9MnNXQ!rZ84uViILoH...
ad.doubleclick.net/ddm/pfadx/N1375681.3261625ADOBE/B26100003.326554515;sz=0x0;ord=1287238716;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 3CC1 		45 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N1375681.3261625ADOBE/B26100003.326554515;sz=0x0;ord=1287238716;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;amo=ef_id=YjRM-gAN66WnSAAy:20220318041232:d&s_kwcid=AC!uPKVW5jfD6rMGN9MnNXQ!rZ84uViILoH9hvOGFXkM;ltd=
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/vpaidjsproxy-20201012.js?feedURL=https%3A%2F%2Fas-tm.everesttech.net%2Ffeed%2Fplacement.js%3Fid%3DbtXxJqnWClDtkAjBpZEd%26tm_auction_id%3D253e6929850fcb43f736bb21ed8cc5e61753a6d7.1%26price%3D55FC6852F576BD07%26bi%3DB09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8%26PG%3DF%26did%3D%26didtype%3DUNK%26barefeed%3DT%26rand%3D1287238716%26seller_id%3D9929%26tm_user_ip%3D59dc12607309f79a1e60d0976a501731%26expaId%3D%26q%3DH4sIAAAAAAAAAGWRv08TYRjHuTug0JhAmpqYxuFsoinEXt_73YMBWwqltNdWjv6QmJj78R592-tdeXsHxREHo5ssGhx1UeMgm_wNxuhkdHWQqANhdLKITj7Dd3iSz_Mkn-_kD_3w7dfO5dsXjadPrsYej4Vn_d0eZDY9b9OBeg_1GdPrpgxkWRAzGUuDeBviNbgVwL4fOR699OYLGY8afnOwuuU2Fp2c38m0s72NJSvx_sUBwUXxRloI6qhQ8laU1nYlv9zsqOnP9z69mspGg2qx3hDbdk7Car6sqG65eXOfwKp3FzmOnhIZQCcayLW8nT5dXqdZwIB5eriQhHl6IAkzdKbXc2ADGkXkp0ReZniJThRX1tXSddpBHUjnodnxZujFFva6MKUoDGCEtCAwIktruq1j9Jc6IGhRsUyWk4DMA8WWFZ2FErCAIku6CFiZZ4-IWU7koaRwSloEtmkIvC3zkmFwLLTSpilCiZVFXpcsmWG_E-mJbw-oSJSvlSpBZalaKHaFdrupFuob-diUpSNntzuMoVsm6NAEIJRnzz8yJ9ceLZwSo8rwxy8imm-VAvcML1TkDG6pSN4Y7JHT0G95fSAne9izktu6tE9OY99InjeUtBHu-y_J0T7y4SEZCtyO6-24p2Qi_B8YGT9n4hd4BiS1cqaqrVTW96hCOIQDA5meO_3uvhCjaloufhYzI3_mZGGOQt1ell4eSl0a-BC7ulPFyIRr51QD-a0i3O1XJx9SIwfUv2OH1ES9mink7qxqRxQIkzUtQpZvxSiRFeKhbGDbuuPNjrECBzhufLlWKhWqcyE1M3RWzt0growcE69_fkhpvwEVHYwMsQIAAA**%26psId%3D3ULOuOEPIKm4jjXMIVZG%26page_url%3D&cpKey=rZ84uViILoH9hvOGFXkM&mpKey=btXxJqnWClDtkAjBpZEd&adKey=uPKVW5jfD6rMGN9MnNXQ&framework=vpaid&psId=3ULOuOEPIKm4jjXMIVZG&cd=%7B%22zip%22%3A%2214202%22%2C%22fbd%22%3A%7B%22ssb%22%3A%22F%22%2C%22psb%22%3A%22F%22%2C%22pd%22%3A%22dailymail.co.uk%22%2C%22mpw%22%3A%22401%22%2C%22mph%22%3A%22225%22%2C%22aburl%22%3A%22%22%7D%7D&price=55FC6852F576BD07&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&PG=F&pt=imp&cpId=721054&plcId=2528462&mpId=44337&adId=4118135257&psIdNum=50407&iasMon=F&env=site&conn=null&videoURL=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fpfadx%2FN1375681.3261625ADOBE%2FB26100003.326554515%3Bsz%3D0x0%3Bord%3D1287238716%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext%2Fxml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bamo%3Def_id%3DYjRM-gAN66WnSAAy%3A20220318041232%3Ad%26s_kwcid%3DAC%21uPKVW5jfD6rMGN9MnNXQ%21rZ84uViILoH9hvOGFXkM%3Bltd%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
cafe /
Resource Hash
457fa1b292a866bb466638ce289ddbf683b1d0e9561952fb459d94a96447bd25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14813
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 6307 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A22026445361%3A-&de=39312919706&t=1647594755190&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5064879769%26moatClientLevel2%3D2904122127%26moatClientLevel3%3D5787369563%26moatClientLevel4%3D138376929197%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D22026445361%26zMoatPS%3Dmpu_left%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=832702918&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:35 GMT
truncated
/ Frame 6307 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
415f12baa9ec9cacb9bb63b5f8c1e21864a2c6fb125581767bdaff66fc790cdf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
d5d11f12-a51b-4edf-91ad-3412b2ec48fc
https://www.dailymail.co.uk/ Frame 6307 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/d5d11f12-a51b-4edf-91ad-3412b2ec48fc
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 4941 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:39:43 GMT
expires
Fri, 17 Mar 2023 23:39:43 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
34372
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 6FE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=1432210398034083&rc=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
getad
aax-us-east.amazon-adsystem.com/x/ Frame 6307 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=24&pc=39731558065206&lid=openx&eids=31063247
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E643 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
2b6ae1270bd7f8130702084d1bd442e037be9b606cb030ea1960aaf3ba689e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27853
x-xss-protection
0
server
sffe
etag
"1161 / 94 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:12:35 GMT
prebid_v4_38.js
hb.adpone.com/ Frame E643 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
621e239041447ad520be8f91bf01c61e630b2c70df70dd941f901d4d9e7cdd11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2716
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0k6vu3apCPt3U3r%2FMuQXCRzCgu%2FYvoFJUIdkiOISTbEyPuDu4SRwc6Uzq1AmPPeEw0edeBtcH4ItvvHG1TLJ%2B9UQ2M12lpGxQJCpds2yJ3G5vdJn6lp1msJJ1ge9ZhGzLXs1GS5QvalPHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f56c5e8c23-EWR
p.html
windaloop.com/r/ Frame D1BD 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=xfiyobfi&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
bGPDz85j_N3iH7sJIoG4bYW_5C3ety3Vx7T3d6Qd5MH8FrJ3yCYWAQ==
age
63702
p.html
windaloop.com/r/ Frame EFBF 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=tummowyqmc&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
yDpUauRTKFMLXqLfRz9On_Ibo-8UTo_CLzW0vpkhw59B5VuK1GaStg==
age
63702
p.html
windaloop.com/r/ Frame 9B08 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=fnsegoyqoh&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
yyJr7I0845d-uIxtztCGVrx4pZYwKWBM_LzItjZ9rm7Iq97I6fON-Q==
age
63702
p.html
windaloop.com/r/ Frame E82C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=ctkglnf&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
4fmemiLIFFxlp2ArB6VaHzGjrZEVTFoMKBscEhr3eYQ51x2QAzMQ5Q==
age
63702
p.html
windaloop.com/r/ Frame 8682 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=ydwnmumrxe&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
42lZIKhY3yvcEBisTXWA2WJW9p3KbQ3gCYXCcbvBHTPrK_hJCeI1Rg==
age
63702
p.html
windaloop.com/r/ Frame 3C24 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=uijfnrjjdk&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
GucR1GOwZ31k85QVrYpycMjsyd1i8PoKCSdG_lLxDGahiifDI0gUhA==
age
63702
p.html
windaloop.com/r/ Frame D6D9 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=iujttgih&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
xtibFcg_3-1SWHAU9rdoY98DcMR8hKZHhd_aR7kpC1V0iaJfFMN32A==
age
63702
p.html
windaloop.com/r/ Frame 7266 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=cudywlknjo&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
vdgmc0xiHDRqhOZvVmbz-C4iBQXtI6dPuwubJRtiSxjV9aZryahJrQ==
age
63702
p.html
windaloop.com/r/ Frame EF0D 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=cmmelq&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
tFMFtWO8Ulo5_BoVGPo9mCqu6mo4VGmvlEWLjad5a2IfAbxPgI2A0Q==
age
63702
p.html
windaloop.com/r/ Frame D683 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=meemooeee&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
syH9ZZsQsHTqkk9mR0jNy3Z_L9iq8481bLZSvBBqLvxYYxAj0WSduw==
age
63702
p.html
windaloop.com/r/ Frame 287C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=oencvor&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
cZHTKt0sK7HU4Mveq4nivHrlvacmg5vIIHpQ-jgVZHprcj_VCa0ZKw==
age
63702
p.html
windaloop.com/r/ Frame 5BE9 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=xwxbhdhfo&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
aKEvi_Az4qhLBeT-mspc9p7x6QZh8d9FRtvIH_5roXfDpY8oR-gIIw==
age
63702
p.html
windaloop.com/r/ Frame C08C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=tvbayjx&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
Pw7c3Yy2BMUEbhBjRnTidjjFip_lbLkwoFquepyAyW8pK2yYOXHKow==
age
63702
p.html
windaloop.com/r/ Frame 6AFA 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windaloop.com/r/p.html?f=vblctxybyam&e=1556073704375
Requested by
Host: windaloop.com
URL: https://windaloop.com/t.js?i=zkxqnlb5wnagicu4bjotp&cb=8685211647594754723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-25.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Thu, 17 Mar 2022 15:30:53 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
feTndUmDzwZZW_sqIfRDzY_RO_jq7Qd-sQmkHXMkSQ86A0aR_fjaAw==
age
63702
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame ED83 		0
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=982435
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msW348GMx%2FEnElJzchXSnntKtsrOrRR9BhHo2iyaCTnXM0sLf418pwlKszLn%2FrriAu%2FMyMGp3C%2FKgj%2BxYRvCPxlaLz5C7KKHBD6alqIWSZw27e8Jog3lhh51OJEvJUzkXIg9%2F6Eg9j1ROPBkRlobhbV1UA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8f4e9050ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1us178RHUEyz8EfkQx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 86C8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:40:48 GMT
expires
Fri, 17 Mar 2023 23:40:48 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
34307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 58B0 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
35b86b18bc02b9e4afcf02dd2a015f1d39f3f3bcb04aa884e8c1edf1f7750b46
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hmBKXk+pq/HPbym+5dSPFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:12:35 GMT
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-hmBKXk+pq/HPbym+5dSPFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame F040 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 21:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
300172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 21:49:43 GMT
42157ac3-72b9-4783-a1d6-568b98212dc5
https://www.dailymail.co.uk/ Frame ED83 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/42157ac3-72b9-4783-a1d6-568b98212dc5
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
cookieSync.html
js-sec.casalemedia.com/um/ Frame 654F 		130 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.casalemedia.com/um/cookieSync.html
Requested by
Host: js-sec.casalemedia.com
URL: https://js-sec.casalemedia.com/um/googleESP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7153244bfcbed22ffba812a6f631894dbed03a60e0748e1e8d3ef495e900fb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Thu, 22 Oct 2020 14:12:07 GMT
ETag
"e200fb-82-5b2430c98a4bb"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
113
Date
Fri, 18 Mar 2022 09:12:35 GMT
Connection
keep-alive
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77AF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:40:48 GMT
expires
Fri, 17 Mar 2023 23:40:48 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
34307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 706B 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b42c173bb743381ec5c0bc84256a7e0d1956c0e3eb2b3f9a2b65590b18a9304b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R8kORypH96zGvqBpPd+fcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:12:35 GMT
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-R8kORypH96zGvqBpPd+fcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
px.moatads.com/ Frame ED83 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A21693274104%3A-&de=266979644298&t=1647594755379&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5064879769%26moatClientLevel2%3D2904122127%26moatClientLevel3%3D5787369563%26moatClientLevel4%3D138376929203%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D21693274104%26zMoatPS%3Dsky_right_top%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=1805273789&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:35 GMT
truncated
/ Frame ED83 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31b0e1e81dce3937d09c88beb7b911dd4d56040e1d97141dfda19ca38b4796eb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
getad
aax-us-east.amazon-adsystem.com/x/ Frame ED83 		50 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:35 GMT
Server
Server
x-amz-rid
4HGDHQQA5FNCHRGN3ZKE
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Length
50
view
securepubads.g.doubleclick.net/pcs/ Frame 5920 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg7iLIxtlK6fcCpvofA68Vq6PPOQZV812cSVw9JimyagDDW-e6JXGTsxTJ4qvGp-9YPpy0FjlnJQeuaRSh-zpngmgVTRMd2u2SW9r7GjUX07ez_Ov7E-6FxjaRKsmwdQPjUNv89FIjrvGoxtTfwm1F0anSVE0mUeiGS4W3_AsszjoIdD4nlGUsKOUGWUwKyNtSb4KFYwmUwN-6DbVAl8XP1QMnHm1xiolSudXXU1lh3OOC0lfZOOiwZQkRuXkQhcup7ctcqi43IZtUIGsKsA9xzFlnN28XTDW9G-CQY_-uGHtWP69x3zcHw5laR4edUfxpxlQpO-X-f75eR5290yAqQBtKWmGKguixht1p&sig=Cg0ArKJSzNpSfrJlyaZiEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Mar 2022 09:12:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5920 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cbe4665952c6a4920cc99d91166052cb685f35af697c8837337f46d41961d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10494
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6307 		0
0
pw.js
cdn.includemodal.com/ Frame B4CF 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5827
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594755.477870,VS0,VE0
date
Fri, 18 Mar 2022 09:12:35 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
63
view
securepubads.g.doubleclick.net/pcs/ Frame B4CF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWPo419lTn_I4a0gUmQcivCNtCEDxYCUOFYu4qAoGvPE9s26cL387evAjya8Z6bVEUck69FlTOSXc4UqQsCz0o5Oc_24zHzp5B6QLI8_URZb7wwi77Ep1ALsYoc16QIcqqtB_y2088rRPPIxluDj5BUTaKsjEmz2XTJE5tssGY5FEY3Iw-FU3SI9pnUQix9cZUSlFw2TuB3wy14hDmSxNXZ0sNxSxiLUktDy-Hpemr5Wo0gAf6FwDGousg7VspiFllnW_d3WaPnynEK2kncOqQuDNEU9UBytGSRiM4QAzIXGWW5iRsBsgMETapAF-zpOZAKdooCMYdlu0lfSWDwyNtgURCF2rp5GA&sig=Cg0ArKJSzISfnd2-f4gkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4CF 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame B4CF 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59312
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame B4CF 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.45677948.Campaign%20ID.479101508.Line%20Item%20ID.248283068
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame B4CF 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
4
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
55XC4er5ySwFCs0X-nMhvH4mdKO_894VVomWHH_PUgd40X2BgK9-Wg==
expires
Fri, 18 Mar 2022 09:17:31 GMT
renderstart
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/renderstart?cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&env=site&auth=ae3e20fed1a8f63f8dfe8934adb8e1ea&date=1647594752948&vinst=t&rt=HTML5&didtype=UNK&did=&PG=F&seller_id=9929&price=55FC6852F576BD07&mpKey=btXxJqnWClDtkAjBpZEd&conn=unknown&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&psId=3ULOuOEPIKm4jjXMIVZG&sessId=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&s=H4sIAAAAAAAAAAEgAd_-8xDX4lg6mFfNGypliqGgllOhauKdSCEGZUmCKQPpEiKxZKT0vtC78wCiamt1X9oCWDmO9451bBJj1rGisnBITjVCEn6_uajH4nmgTsNTUeAEWgza2RuDJIjYm4acnZ6KynLtuW1IZ014nddWQTNfIF4HUpRAhymeLPzO84rJkGVfuKvCMNavP7KqJmQIdSFFQtUcKBJsKPpeBM3qVMpc0C5YROMGa9lRlBtxaXSvsO9IuTcLLzQWxBLNHaTgN8Um2esuRr_vSk7TBLZTO210KIGjTcmbiwCfRG4nheUT_xBcKkdfteArA_YstECu77jrD0QDJ416g92OxVJPi4uFDouuuwn7zpRWlVntDsvGyE0KaUYdiXb0ZqO_0Uw0KcMbmcXdgyABAAA&apv=J20201012&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rurl=https%3A%2F%2Fwww.dailymail.co.uk&pw=445&ph=250&w=445&h=250&wd=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
via
1.1 varnish
x-pt
P=191
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18122-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5920 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
/
crta.dailymail.co.uk/ 		8 B
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.11 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
server
http-to-kafka/0.8.11
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Fri, 18 Mar 2022 09:12:35 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame E643 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 23:40:24 GMT
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 8472
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33935

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
date
Fri, 18 Mar 2022 09:12:35 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame 8472
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33935

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame 8472
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26v%3D1%26taboola_hm%3D%25%25VG...
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&v=1&taboola_hm=QKodMwjjXFVx&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&v=1&taboola_hm=QKodMwjjXFVx&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31407

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&v=1&taboola_hm=QKodMwjjXFVx&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
file.mp4
r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 95B6 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/804E73E53FE7923F42AFB0A298F853957CC9EE03.6D0B509C9722261F36B8B782E2C9000E580ACF29/key/cms1/cms_redirect/yes/mh/bC/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznze/ms/onc/mt/1647593599/mv/u/mvi/4/pl/48/file/file.mp4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:9::9 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
5ff8d89b029ec2043f86caf36457219e4e5042562cc242731ef27e1a1972bba3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2231162/2231163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2231163
expires
Fri, 18 Mar 2022 09:12:35 GMT
last-modified
Fri, 11 Mar 2022 11:11:35 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
client-protocol
quic
file.mp4
r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BA57 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/a57a98b92cf0400c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679130754/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1389B2C7C45FC8F7E6A5C646E8E37F756B9108FD.7D93FD05A1018FC8B53A945F5E0A0CAD7C009C77/key/cms1/cms_redirect/yes/mh/bC/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznze/ms/onc/mt/1647593599/mv/u/mvi/4/pl/48/file/file.mp4
Requested by
Host: ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
URL: https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:9::9 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
5ff8d89b029ec2043f86caf36457219e4e5042562cc242731ef27e1a1972bba3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2231162/2231163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2231163
expires
Fri, 18 Mar 2022 09:12:35 GMT
last-modified
Fri, 11 Mar 2022 11:11:35 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
client-protocol
quic
/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame F832
Redirect Chain
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33935

Redirect headers

location
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=LdiZ4S-JzLA23p3nK4iH5C2OkuM23c_kftwMwRzz
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/ Frame F832
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58533/occ
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33935

Redirect headers

location
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
date
Fri, 18 Mar 2022 09:12:35 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame F832
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31407

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync.html
eus.rubiconproject.com/ Frame 19FF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:35 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame AA1B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:35 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date
Fri, 18 Mar 2022 09:12:35 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usermatch
ssum.casalemedia.com/ Frame 37B9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d930e7c964fc5c906a3ee6535d94f2a752ea840de40cc5e1f42a6b7b084be9da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
105|57|156|26|13|51|131|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 18 Mar 2022 09:12:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:35 GMT
Content-Length
1720
Connection
keep-alive
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame B4CF 		0
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=787396
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcsnGUeh%2BVwJPQ7ZmtJJPWfvYBBPL5pP0RWJbiISZa%2BqpQ4gXZUgvzL8bNbfcmKUr642wWL0WiIO8wVPcY4LD%2F5tCVG7TXR1nKNV5z3llMk2XrwQpgjUo3xmBnZeF76qhWpjBGt3XB8Qh%2BNf%2BTrs2F7haQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd8f7abda0ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1us3kd_QKkBusAHbNS
cm_:onejs_load_evt@v=285,onejs_exec_time@v=1,aax_load_time@v=391,aax_load_time_one_tag@v=391,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame ED83 		0
0
noop
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsf-tm.everesttech.net/stats/1/noop?event=partnersInit&sessId=undefined&cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&mpKey=btXxJqnWClDtkAjBpZEd&psId=3ULOuOEPIKm4jjXMIVZG&feedId=btXxJqnWClDtkAjBpZEd&rurl=https%3A%2F%2Fwww.dailymail.co.uk&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&price=55FC6852F576BD07&apv=undefined&rt=HTML5&msg=%2C&smpl=1
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/vpaidjsproxy-20201012.js?feedURL=https%3A%2F%2Fas-tm.everesttech.net%2Ffeed%2Fplacement.js%3Fid%3DbtXxJqnWClDtkAjBpZEd%26tm_auction_id%3D253e6929850fcb43f736bb21ed8cc5e61753a6d7.1%26price%3D55FC6852F576BD07%26bi%3DB09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8%26PG%3DF%26did%3D%26didtype%3DUNK%26barefeed%3DT%26rand%3D1287238716%26seller_id%3D9929%26tm_user_ip%3D59dc12607309f79a1e60d0976a501731%26expaId%3D%26q%3DH4sIAAAAAAAAAGWRv08TYRjHuTug0JhAmpqYxuFsoinEXt_73YMBWwqltNdWjv6QmJj78R592-tdeXsHxREHo5ssGhx1UeMgm_wNxuhkdHWQqANhdLKITj7Dd3iSz_Mkn-_kD_3w7dfO5dsXjadPrsYej4Vn_d0eZDY9b9OBeg_1GdPrpgxkWRAzGUuDeBviNbgVwL4fOR699OYLGY8afnOwuuU2Fp2c38m0s72NJSvx_sUBwUXxRloI6qhQ8laU1nYlv9zsqOnP9z69mspGg2qx3hDbdk7Car6sqG65eXOfwKp3FzmOnhIZQCcayLW8nT5dXqdZwIB5eriQhHl6IAkzdKbXc2ADGkXkp0ReZniJThRX1tXSddpBHUjnodnxZujFFva6MKUoDGCEtCAwIktruq1j9Jc6IGhRsUyWk4DMA8WWFZ2FErCAIku6CFiZZ4-IWU7koaRwSloEtmkIvC3zkmFwLLTSpilCiZVFXpcsmWG_E-mJbw-oSJSvlSpBZalaKHaFdrupFuob-diUpSNntzuMoVsm6NAEIJRnzz8yJ9ceLZwSo8rwxy8imm-VAvcML1TkDG6pSN4Y7JHT0G95fSAne9izktu6tE9OY99InjeUtBHu-y_J0T7y4SEZCtyO6-24p2Qi_B8YGT9n4hd4BiS1cqaqrVTW96hCOIQDA5meO_3uvhCjaloufhYzI3_mZGGOQt1ell4eSl0a-BC7ulPFyIRr51QD-a0i3O1XJx9SIwfUv2OH1ES9mink7qxqRxQIkzUtQpZvxSiRFeKhbGDbuuPNjrECBzhufLlWKhWqcyE1M3RWzt0growcE69_fkhpvwEVHYwMsQIAAA**%26psId%3D3ULOuOEPIKm4jjXMIVZG%26page_url%3D&cpKey=rZ84uViILoH9hvOGFXkM&mpKey=btXxJqnWClDtkAjBpZEd&adKey=uPKVW5jfD6rMGN9MnNXQ&framework=vpaid&psId=3ULOuOEPIKm4jjXMIVZG&cd=%7B%22zip%22%3A%2214202%22%2C%22fbd%22%3A%7B%22ssb%22%3A%22F%22%2C%22psb%22%3A%22F%22%2C%22pd%22%3A%22dailymail.co.uk%22%2C%22mpw%22%3A%22401%22%2C%22mph%22%3A%22225%22%2C%22aburl%22%3A%22%22%7D%7D&price=55FC6852F576BD07&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&PG=F&pt=imp&cpId=721054&plcId=2528462&mpId=44337&adId=4118135257&psIdNum=50407&iasMon=F&env=site&conn=null&videoURL=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fpfadx%2FN1375681.3261625ADOBE%2FB26100003.326554515%3Bsz%3D0x0%3Bord%3D1287238716%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext%2Fxml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bamo%3Def_id%3DYjRM-gAN66WnSAAy%3A20220318041232%3Ad%26s_kwcid%3DAC%21uPKVW5jfD6rMGN9MnNXQ%21rZ84uViILoH9hvOGFXkM%3Bltd%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
via
1.1 varnish
x-pt
P=304
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18156-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 2831 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f389d98e1385a7f1aa7767b367799a7369c5b4a64a49c32ab750ac71b4bcd118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23675
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 17:21:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:22:01 GMT
pixel.gif
px.moatads.com/ Frame B4CF 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A22026445361%3A-&de=812141551873&t=1647594755834&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D45677948%26moatClientLevel2%3D479101508%26moatClientLevel3%3D248283068%26moatClientLevel4%3D133674874148%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D22026445361%26zMoatPS%3Dmpu_left%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=2083244300&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:35 GMT
admi
aax-us-east.amazon-adsystem.com/e/dtb/ Frame 87A6 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
814c726611b8ee71c378acc9f21dd0aa9be7868f9a7741ecf2e056058b33e9f9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

Server
Server
Date
Fri, 18 Mar 2022 09:12:35 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
6133
Connection
keep-alive
x-amz-rid
HWZMT20SJ37C266AGYDW
Cache-Control
no-store, max-age=0
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
csm_othersv5.js
c.amazon-adsystem.com/bao-csm/direct/ Frame B4CF 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv5.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 02:21:57 GMT
content-encoding
gzip
server
Server
age
24637
x-amz-rid
1KT2QD7WG595MWVFPEK8
etag
cea0ea9972e073858d8de90ee4cf862f
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
4riD5FOkOcAy6yxngHGx6O7AR3bKF1yM
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
jlrSoGcl4rnzR58OTJyl50fA4NGUwq-GCv-GhaPk6HWQ_TfEiCkl8w==
truncated
/ Frame B4CF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e6dce1f4ec6487d62435d836d2201e196cdb8ffb263ba1866ac686b25e28e8f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
73fec0c3-91c0-49eb-accb-75ec93654762
https://www.dailymail.co.uk/ Frame B4CF 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/73fec0c3-91c0-49eb-accb-75ec93654762
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 6D37 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 23:39:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 58B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=55863995706537&rc=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 4941 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 23:39:41 GMT
prebid_v4_38.js
hb.adpone.com/ Frame D1BD 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=xfiyobfi&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2716
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAVSd1%2FRAyfqCvNEXzU8SNXDUQ0txAesvZu8x0uzSXjYj77CUizzrOBvSfE3y07ns6hIo0FhXep%2BOTys3fyuNseJ8Sp84gfk1BQ4Oc7oYaCpW%2BsTqh2W20nCgi1R1IaJs6%2FxvcZQPyMYLsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f84a198c23-EWR
prebid_v4_38.js
hb.adpone.com/ Frame EFBF 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=tummowyqmc&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2716
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B361CIOguEIzAtTlm%2F4XXEXpm1%2BahPM4pYvo9O63yH0lZCjBCqU9Gjozwf4MYnIqOzcQEbOoK7uEqBrtZ4caF%2BXAFcv15Dpyeidq9PZzWWBHwSLHUJelrGh09T6AukUR%2BMs2lArrPIiy%2B6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f84a218c23-EWR
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 478E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:40:48 GMT
expires
Fri, 17 Mar 2023 23:40:48 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
34307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 240B 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3fe2721c2a533967bfcd838be67adfa4c8848faeb3213d47f80fddd4ab75c1ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L0ZwFX73ibHGE5vf6Honug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:12:35 GMT
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-L0ZwFX73ibHGE5vf6Honug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid_v4_38.js
hb.adpone.com/ Frame 9B08 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=fnsegoyqoh&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2716
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AAfo%2Feb5RGCemg88X9Rc%2BHYjqoP%2FOt3TFEzaf7eu7RW3bmSl0o5HNz4r1RBh%2Bh5Du0dd0ZlBZGdGYfr3QNMsNYjUaWDyvUYoReL%2B1CV%2F53%2BGKFv%2BXJOfOkXYEv0cgC49Ejkp1VSeH2GcFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f86a538c23-EWR
activeview
pagead2.googlesyndication.com/pcs/ Frame ED83 		0
0
pw.js
cdn.includemodal.com/ Frame 0B4A 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5827
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594756.927867,VS0,VE0
date
Fri, 18 Mar 2022 09:12:35 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
64
view
securepubads.g.doubleclick.net/pcs/ Frame 0B4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5S0FAjVzRa7vShF75ZXo6IxaUOsj3QGpgLROXmw-66vvptDTk6ZaXeP5yt_zOI-Zy2VqgyB5QgiB0kh-q4OPg06pPkvihXmAHjqF4xn7oFqV23UYqT-mRAtOt6kB5YsFQQAOc2YSErBvJHoZTkF1BZ6wIcCBUNiVSIyFSskyg2p5okb4OgRp2rY6qIE7PDIEObCXhFDIYBmQndJtk5NnvRYDbUZgNkUNtVcExNOLH1fQ2D6vR4ZGtAp3XXypVxVa853JorVrxiQkzEG39NK8avq9ziD85yzBeZI47AK-bQr4ZBLHDY1lDlzK4piDHXTMHaqVkNjLONGolhSw1AfiqeNYM9CLfVueqoBIo_4Ig&sig=Cg0ArKJSzPIy_-msh975EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B4A 		117 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:35 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame 0B4A 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59312
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame 0B4A 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.5064879769.Campaign%20ID.2904122127.Line%20Item%20ID.5787369563
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame 0B4A 		22 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
4
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
4fG8m3R9EHHDUSwviDwgd25peZABvS28qt7rwQtST2I5Y_Nl_jB2Cg==
expires
Fri, 18 Mar 2022 09:17:31 GMT
integrator.js
adservice.google.com/adsid/ Frame 3FD0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3FD0 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=39731558065206&correlator=375222027291543&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&tfcd=0&iu_parts=424397508%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_right_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=3&adks=3514381609&sfv=1-0-38&ecs=20220318&ris=1&rcs=2&fsapi=false&prev_scp=abv%3D4.1.93%26adx_channel%3D8%26amznbid%3D1y4n2f4%26amzniid%3DIrICk9IN9jy6i9Fz84N0l4sAAAF_nEzBOwEAAAv5AV8EuWM%26amznp%3D1m4mmm8%26amznsz%3D300x250%26area%3Dnews%26article%3D2187999%26articlewithvideo%3Dfalse%26bc%3D0%26bc_diff%3D0%26bot%3Dfalse%26cmp%3Dccpa%26consent%3Dfalse%26country%3Dus%26device%3Dwindows10%26environment%3Dproduction%26gdpr%3D0%26hb_adid%3D2006dcd3a198a35e%26hb_adid_33across%3D2006dcd3a198a35e%26hb_adid_sharethrough%3D141de20c9532cda5%26hb_bidder%3D33across%26hb_format%3Dbanner%26hb_format_33across%3Dbanner%26hb_format_sharethrou%3Dbanner%26hb_pb%3D0.43%26hb_pb_33across%3D0.43%26hb_pb_sharethrough%3D0.19%26hb_size%3D300x600%26hb_size_33across%3D300x600%26hb_size_sharethrough%3D300x600%26hb_skin%3Dfalse%26hb_skin_33across%3Dfalse%26hb_skin_sharethrough%3Dfalse%26hb_source%3Dclient%26hb_source_33across%3Dclient%26hb_source_sharethrou%3Dclient%26ias-bsp%3Dias_safe_positive_neutral_aus%2Cias_sales_visit_brighton%2Cias_sales_lottery%2CIAS_SAFE_GARM1%2Cias_sales_no_supermarkets%2Cias_sales_excl_covid%2Cias_safe_strict%2Cias_safe_sales_pm%2CIAS_Safe_Nov2021%2CIAS_SAFE_ClientKWblockingList_22%252F22%2CIAS_SAFE2%2Cias_safe%2CIAS_Custom%2520LB%2520List%2Cias_sales_summertime_19_ire%2Cias_sentiment_positive%2Cias_interest_sleep%2Cias_interest_travel_long_haul%2Cias_sales_book%2Cias_interest_family_parenting%2Cias_interest_travel_staycation%2Cias_interest_family%2Cias_shopping%2Cias_sales_skincare_jj%2Cias_sales_premium_brands%2Cias_interest_british%2Cias_celeb_royal_family%2Cias_interest_travel_holidays%2Cias_interest_travel%2Cias_emotions_positive%26id5%3Dtrue%26impid%3D83c86749-749a-4ab4-8aa6-478bd8fa23e5%26location%3Ddailymail_co_uk%26m_categories%3Dmoat_safe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dsafe%26maxbid%3D0.43%26maxbid_bidder%3D33across%26maxbidpk%3D1%26mvt%3DabeDetectionDelay_15s%2CclsMonitor_off%2Cpermutive_on%2CperfMon_off%2CscannerTrial_control%2Cfe_desktop_default%26nobids%3Dfalse%26page%3Dart%26permutive%3D10277%2C17312%2C55620%2C100596%2Crts%26pos%3Dsky_right_top%26prog%3Dtrue%26ptime%3D1647594748625%26puid%3D869b04fa-ec24-4695-beb4-53b261fa91cf%26pvid%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26random%3D9d173b55-b50c-4dae-8d5f-2fea970b7b04%26refreshcount%3D0%26session%3D1%26session_page_id%3Dnone%26sh%3D1200%26style%3Dwide%26subarea%3Dnews%26sw%3D1600%26utm_source%3Dnone%26watershed%3Dfalse%26in2w_key%3D83%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx842%26in2w_key4%3D--28gz%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h88qgz%26in2w_key7%3D842%26in2w_key8%3D81%2C82%2C83%26in2w_key9001%3D3&eri=5&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594755930&dlt=1647594753046&idt=1513&biw=1600&bih=1200&isw=160&ish=600&adxs=1292&adys=43&oid=2&ucis=rso9pfpks5as&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.dailymail.co.uk&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=www.dailymail.co.uk&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x36&msz=160x18&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594755&ga_hid=1344664261&ga_fc=true&btvi=0&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
964d2416447aa6da602d729c06dcbc8d40895e9791edec6feb0feaf79297178c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9217
x-xss-protection
0
google-lineitem-id
229276508
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
133667763908
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid_v4_38.js
hb.adpone.com/ Frame E82C 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=ctkglnf&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2716
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjyK4IiSQ6N3gUq7fMYUrGNQwCzYVRc%2Fl%2BkzGXda6XjnUPLAif97k4B3OJuIfBFyVu9iQMqspvE8lyzSRUznZ6BrojikQwCC3%2F2S6Ig%2B%2Ftqy3vyrsGi2%2BbNCjnc6URyVunvcBwENKT9jCDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f8bac88c23-EWR
sodar
pagead2.googlesyndication.com/pagead/ Frame 706B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=39731558065206&rc=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
prebid_v4_38.js
hb.adpone.com/ Frame 8682 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=ydwnmumrxe&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2716
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNTrCN8dVBTqWhGS4HXmyC2o%2BmyGk6l28OTAOrztU9cq9DIJboSS6eN%2FuRx1ixRVhq1gMdVtOH%2BoXmGHb%2B9Ev3YvdefgtZgn%2F6JhzObUNFDhrYj1nYeXTxciDA5t4KKTjBc55PPUB0MCoZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f8bad08c23-EWR
getad
aax-us-east.amazon-adsystem.com/x/ Frame B4CF 		50 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:36 GMT
Server
Server
x-amz-rid
1MZZ1R70JNX4BWKWY10J
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Length
50
integrator.js
adservice.google.com/adsid/ Frame E643 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E643 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123969779730784&correlator=1565363378632426&eid=31064904&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=21671350435%3A22684505004%2C300x250-dailymail.co.uk&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3104278707&sfv=1-0-38&ecs=20220318&fsapi=false&eri=1&sc=1&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&cdm=www.dailymail.co.uk&abxe=1&dt=1647594755996&lmt=1647594755&dlt=1647594755235&idt=751&biw=1600&bih=1200&isw=300&ish=250&adxs=8&adys=25&oid=2&ucis=diuw7tsd1r7k&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&top=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1144404248.1647594748&ga_sid=1647594756&ga_hid=1343450103&ga_fc=true&btvi=0&a3p=EhoKDGlkNS1zeW5jLmNvbRj8_LLi-S9FAAAAABIVCgVpbmRleBIAGJj_suL5L0UAAAAAEj4KCnB1YmNpZC5vcmcSJGViZTQ1ZTE1LTdlYTktNGRhNy05Yzg0LWQ0MGQwMDMwYWI0Zhjp_rLi-S9FAAAAABIeCg5lc3AuY3JpdGVvLmNvbRIAGI2Cs-L5L0UAAAAAEi8KBW9wZW54EhpjZmRSMlZHcDRyVHkvaEh2a1BDNlV3PT18fBjJg7Pi-S9FAAAAAA..&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
feab41f3a6e54ba3adb72fafe7eb967aff84bc24295788c285561f44b9e977ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8466
x-xss-protection
0
google-lineitem-id
4920373360
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138257052588
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E643 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b509740c2288c07d79da8210d3d97c4a85e1c5950c54a2928733ec583584b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10567
x-xss-protection
0
container.html
538e59019275b34e753138c74e138fba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 44FB 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://538e59019275b34e753138c74e138fba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:12:36 GMT
expires
Sat, 18 Mar 2023 09:12:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid_v4_38.js
hb.adpone.com/ Frame 3C24 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=uijfnrjjdk&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2717
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3SeZ%2FDLvcDphWHpt1rDwUDm3HTqmoBrayScSSPM9azN%2FBu0bPHxaadM8EITOqvFjFMU%2BHulbHGdpcvzBvXv2n2u6NrJ1Xmcd%2BtonJqjlBgiU%2Bv9w%2BRhO3wDMrYnmH4Vn1B7Gu8KWzNxW7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f91b738c23-EWR
prebid_v4_38.js
hb.adpone.com/ Frame D6D9 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=iujttgih&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2717
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqIp3OeI%2BzCR%2FMayOmQOXGbxfHTHlqCZgfClbBTNFxkxkemWsXu8tW5CoYoFhe5HWVowK8jZgLlsJ9mJBY4nmStG63jKiyzNGhYi4XkM%2F8evDyun%2Bf14FvGVCTFBDqRejqfy%2BPBBoKF2nEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f93ba08c23-EWR
prebid_v4_38.js
hb.adpone.com/ Frame 7266 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=cudywlknjo&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2717
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAkQgPtRCSKl3GhKhV93i7tPE1R5kj9RRN%2F8nQFfcbLiKTYVHIvO25L3OcqKuPZJ5HNV3iClfgkhyTFatLyHPVdvv5B5RJtdXU43tcbjuzYLCr0Ln7xs42z6KkkriyCwckPSyXzZ%2B9oBLJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f94bb68c23-EWR
prebid_v4_38.js
hb.adpone.com/ Frame EF0D 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=cmmelq&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2717
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQmlZdPWiR35gOCSSi8ozmqHxjCr0J8Owxu3pdxT7%2Bsi5zmaQYgUMGhuTzZUlo3OtXbnnNyzvAgYMPuAv%2Be7M3D82V8529a5fETqyzg55cR6ouCiwjJYW977UxMkWrv7YaK9quQxGdKx4Is%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f95bcc8c23-EWR
prebid_v4_38.js
hb.adpone.com/ Frame D683 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=meemooeee&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2717
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snb9oLV%2BPOBYEQTX8NPAbliqWfkyInR2e7r8%2BWD9EDrDru1ie%2BfH9%2FsuzluYvvQuNuo6yy2BSAkWWFua%2B0mK5PWuArUfPGZKZO%2BppsIFVwmwPcOn1C%2B3iBbh3x%2FKuxeBykRDLLJbAcaUAF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f96be18c23-EWR
prebid_v4_38.js
hb.adpone.com/ Frame 287C 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=oencvor&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2717
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGE4xQ9eLZXBz0J9kD7MDf5yKqkNVOXqXeYwq8jfFrpyJQD6Y%2Fr%2B9Q7UxXy1%2BqDYcbPpCb81APC5%2ByYK6TN2eVCInYYwx41%2FqjrAdTDwqPYeP7bdUgfx61bl8nsb3K35r7XIEKCKgNKTGFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f96c028c23-EWR
usync.js
eus.rubiconproject.com/ Frame 19FF 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22112
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
prebid_v4_38.js
hb.adpone.com/ Frame 5BE9 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=xwxbhdhfo&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2717
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqOuQwMAmK3LufIGH6U4ZlX3uHqOwAXbsd%2BUeLI1VvzpbZgm32oa6%2BC0NPstW6QVuK5QS%2BSuf7rBA%2FKEqQPA%2F7XBXOevyJul4bcYbXPwLoftlxSgQgUV0wftwydIgMlDG0DR8k6UgtglP%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f98c238c23-EWR
prebid_v4_38.js
hb.adpone.com/ Frame C08C 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=tvbayjx&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2717
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBz8DBp7wnvH%2BAm9%2F5CwI6UZg4WT4WcDPqYxkwzSaZOcYGaYDARRwrxbMnp7dHGNvwSjbFMG0xmX2vMOFy%2F6lfyWfb7hWGyPO03Tndq894z%2BQ%2BdwQkgcJELZNwnRHax4SyyEKj74nnJiNV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f99c548c23-EWR
prebid_v4_38.js
hb.adpone.com/ Frame 6AFA 		368 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=vblctxybyam&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2717
x-amz-request-id
AKY6F9VRPG155T5E
x-amz-id-2
2OGL8xaJIi/OfPbbq22C3DE1HuXeOSxjuG6RZR8Kpf42SQkoPkQogZQxyKWFLO0w7FfBoaj+FQE=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oasmKFg9YaR1I3SyPqwuQmnxCN6tLbPOzZvDCQ5lUF1Z8ytdYPOdVOXWA4it8zKIJOOIfEKDz1i%2Bz%2BFgxYArJbRCFkw9gY5a%2BDxXJtIQKBCZ9zqJ50uNDWz97TmUlyPn2xbvcQohK6VAKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6edcd8f9ac6e8c23-EWR
usync.js
eus.rubiconproject.com/ Frame AA1B 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22112
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706965&noaop=3&sortOrderType=0&cb=1647594756116&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1377&pt=2025665367&tz=0&viewable=true&ddast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1182335&dpubid=161887&abtst=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0e4d783eddc0e55b528ac6a31a7147aa718971c12a0e6dca3930b10f1b2b1ac6

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
nginx
machineid
1109
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://reflex.imds-cdn.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
noop
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
176 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsf-tm.everesttech.net/stats/1/noop?event=vInit&sessId=undefined&cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&mpKey=btXxJqnWClDtkAjBpZEd&psId=3ULOuOEPIKm4jjXMIVZG&feedId=btXxJqnWClDtkAjBpZEd&rurl=https%3A%2F%2Fwww.dailymail.co.uk&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&price=55FC6852F576BD07&apv=undefined&rt=HTML5&smpl=1
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/vpaidjsproxy-20201012.js?feedURL=https%3A%2F%2Fas-tm.everesttech.net%2Ffeed%2Fplacement.js%3Fid%3DbtXxJqnWClDtkAjBpZEd%26tm_auction_id%3D253e6929850fcb43f736bb21ed8cc5e61753a6d7.1%26price%3D55FC6852F576BD07%26bi%3DB09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8%26PG%3DF%26did%3D%26didtype%3DUNK%26barefeed%3DT%26rand%3D1287238716%26seller_id%3D9929%26tm_user_ip%3D59dc12607309f79a1e60d0976a501731%26expaId%3D%26q%3DH4sIAAAAAAAAAGWRv08TYRjHuTug0JhAmpqYxuFsoinEXt_73YMBWwqltNdWjv6QmJj78R592-tdeXsHxREHo5ssGhx1UeMgm_wNxuhkdHWQqANhdLKITj7Dd3iSz_Mkn-_kD_3w7dfO5dsXjadPrsYej4Vn_d0eZDY9b9OBeg_1GdPrpgxkWRAzGUuDeBviNbgVwL4fOR699OYLGY8afnOwuuU2Fp2c38m0s72NJSvx_sUBwUXxRloI6qhQ8laU1nYlv9zsqOnP9z69mspGg2qx3hDbdk7Car6sqG65eXOfwKp3FzmOnhIZQCcayLW8nT5dXqdZwIB5eriQhHl6IAkzdKbXc2ADGkXkp0ReZniJThRX1tXSddpBHUjnodnxZujFFva6MKUoDGCEtCAwIktruq1j9Jc6IGhRsUyWk4DMA8WWFZ2FErCAIku6CFiZZ4-IWU7koaRwSloEtmkIvC3zkmFwLLTSpilCiZVFXpcsmWG_E-mJbw-oSJSvlSpBZalaKHaFdrupFuob-diUpSNntzuMoVsm6NAEIJRnzz8yJ9ceLZwSo8rwxy8imm-VAvcML1TkDG6pSN4Y7JHT0G95fSAne9izktu6tE9OY99InjeUtBHu-y_J0T7y4SEZCtyO6-24p2Qi_B8YGT9n4hd4BiS1cqaqrVTW96hCOIQDA5meO_3uvhCjaloufhYzI3_mZGGOQt1ell4eSl0a-BC7ulPFyIRr51QD-a0i3O1XJx9SIwfUv2OH1ES9mink7qxqRxQIkzUtQpZvxSiRFeKhbGDbuuPNjrECBzhufLlWKhWqcyE1M3RWzt0growcE69_fkhpvwEVHYwMsQIAAA**%26psId%3D3ULOuOEPIKm4jjXMIVZG%26page_url%3D&cpKey=rZ84uViILoH9hvOGFXkM&mpKey=btXxJqnWClDtkAjBpZEd&adKey=uPKVW5jfD6rMGN9MnNXQ&framework=vpaid&psId=3ULOuOEPIKm4jjXMIVZG&cd=%7B%22zip%22%3A%2214202%22%2C%22fbd%22%3A%7B%22ssb%22%3A%22F%22%2C%22psb%22%3A%22F%22%2C%22pd%22%3A%22dailymail.co.uk%22%2C%22mpw%22%3A%22401%22%2C%22mph%22%3A%22225%22%2C%22aburl%22%3A%22%22%7D%7D&price=55FC6852F576BD07&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&PG=F&pt=imp&cpId=721054&plcId=2528462&mpId=44337&adId=4118135257&psIdNum=50407&iasMon=F&env=site&conn=null&videoURL=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fpfadx%2FN1375681.3261625ADOBE%2FB26100003.326554515%3Bsz%3D0x0%3Bord%3D1287238716%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext%2Fxml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bamo%3Def_id%3DYjRM-gAN66WnSAAy%3A20220318041232%3Ad%26s_kwcid%3DAC%21uPKVW5jfD6rMGN9MnNXQ%21rZ84uViILoH9hvOGFXkM%3Bltd%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
via
1.1 varnish
x-pt
P=148
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18156-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:36 GMT
async_usersync
ib.adnxs.com/ Frame 24B4 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=1922&pub_id=2039057&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=1922&pub_id=2039057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
bd46d588-1060-41e1-94c6-881066476afc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 95B6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l0w7dl1n&c=3543318666684&slotId=1771659333342&qqid=CPOn59-oz_YCFUAGaAgddTsFTA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3FD0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswUpfaBmElh8seYsvtIli2cLCJOGvdijH0JCFuIOQ9IuGhlBDZ8B769x_wJW4WcGQt189J0oHMgunP0pwDMv3JMNm-aHK9PWFpQr9YrqEFmcNBEKUt&sig=Cg0ArKJSzJ4vA7zuTWlIEAE&id=lidar2&mcvt=1126&p=25,1292,625,1452&mtos=1126,1126,1126,1126,1126&tos=1126,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1767785551&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594753046&rpt=1985&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 86C8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 21:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
300173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 21:49:43 GMT
cm
us-u.openx.net/w/1.0/ Frame 188B 		43 B
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Fri, 18 Mar 2022 09:12:36 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ttj
ib.3lift.com/ Frame 87A6 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=dailymail_ROS_HDX_TAM
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-16.ewr53.r.cloudfront.net
Software
/
Resource Hash
fc06659e04276f6af834162afd5727435128e0b8b3a233a24df215f3de040baf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:35 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
age
184
etag
"b3b491bc0f3222abade021ffef39ed4a"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
EWR53-C1
content-encoding
gzip
content-length
2362
x-amz-cf-id
BsFOoBhXSa7tKIoAwrrNO8cGaaxyQlWMvhS4O8mYvLryeXrEs0rEvw==
imp
aax-us-east.amazon-adsystem.com/e/dtb/ Frame 87A6 		43 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/imp?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&pp=1y4n2f4&isip=1
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
M0JJQEYNDG9MJPSH61AF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-store, max-age=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
csm_view_only.js
c.amazon-adsystem.com/ Frame 87A6 		32 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/csm_view_only.js
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
158e1487a7c062c98bcc4e1d22f4086ffebde5d00e1d944b724686c6aabd0ea0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 16:05:20 GMT
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 16:04:57 GMT
server
AmazonS3
age
61637
etag
"a4d58777a21fe680ccf868d08a358980"
x-cache
Hit from cloudfront
x-amz-version-id
UArTEwf22HCdsHdbKiVfVFfWAhw3rCbo
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
content-length
33249
x-amz-cf-id
31qK6feFDz_1OjOVigNxg_B7qG77ND9tjAlM2LTdxdjvcFvWqzqFHA==
crum
dsum-sec.casalemedia.com/ Frame 37B9
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 18 Mar 2022 09:12:36 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 37B9
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:36 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
Date
Fri, 18 Mar 2022 09:12:36 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum.casalemedia.com/ Frame 37B9
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&us_privacy=1---
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:36 GMT

Redirect headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:35 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame 37B9
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=1---&gdpr=&gdpr_consent=&id=YjRM-vslB2dqu-QqfshUQAAA%26559
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e
date
Fri, 18 Mar 2022 09:12:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29334
crum
dsum-sec.casalemedia.com/ Frame 37B9
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:36 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
Date
Fri, 18 Mar 2022 09:12:36 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
rum
dsum.casalemedia.com/ Frame 37B9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index&us_privacy=1---
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=index&bsw_custom_parameter=7c645530-439f-430f-be08-f3bda86d545b
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=7c645530-439f-430f-be08-f3bda86d545b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Daf231e30-3711-4eea-abed-7905c7506b1d%252Chttps%253A...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6359460436251910749&pt=af231e30-3711-4eea-abed-7905c7506b1d%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26u...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=index&bsw_param=7c645530-439f-430f-be08-f3bda86d545b
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7c645530-439f-430f-be08-f3bda86d545b
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7c645530-439f-430f-be08-f3bda86d545b
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:38 GMT

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7c645530-439f-430f-be08-f3bda86d545b
Date
Fri, 18 Mar 2022 09:12:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 37B9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
797
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6edcd8fb8a1ad157-BUF
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 37B9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame 37B9 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?taboola_hm=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&orig=video&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29334
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 77AF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 21:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
300173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 21:49:43 GMT
vevent
nym1-ib.adnxs.com/ Frame D60F 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&e=wqT_3QLOCqBOBQAAAwDWAAUBCIKa0ZEGEL7LjPrAybmxfRjdxMjPqvLVoFgqNgkAAAECCPg_EQEHNAAA-D8ZAAAAwPUo-D8hERIAKREJADERG7Aw_YGXCziCD0CCD0gCUIvJjqUBWIubmAFgAGiS8rYBePvCBYABAYoBA1VTRJIFBvBVmAGsAqAB-gGoAQGwAQC4AQLAAQTIAQLQAQDYAQDgAQDwAQCKAjx1ZignYScsIDIxOTcyNTgsIDE2NDc1OTQ3NTQpO3VmKCdyJywgMzQ2MjY4ODExLCAuHwD0BQGSAvEDIXJrNVhmd2lsby04WUVJdkpqcVVCR0FBZ2k1dVlBVEFBT0FCQUEwaUNEMUQ5Z1pjTFdBQmc3UVZvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRT3dBUUM1QWI3UVRNVUFBUGdfd1FHLTBFekZBQUQ0UDhrQmlKUkdaZDhVX2pfWkFRQUFBQUFBQVBBXzRBRUE5UUVBQUFBQW1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU1UTXk0QVB2TFlnRUFKQUVBSmdFQWNFRUFBQUFBBXoIREpCBQgJARgyQVFBOFFRCQ0BARxJZ0ZqQ2lwQhETFFBBX3NRVQEaCQEITUVGCQkBAQREShUoDEFBQTAuKAAETmsuKACwZ0JmQ1RDZkFGay1TZkNQZ0ZpbzZHQVlJR0ExVlRSSWdHQUpBR0FaZ0dBS0VHAUwBASwtRC1vQmdHeUJpUUoBEA0BAFINCAEBAFoBBQ0BAGgNCEhBQUFDNEJnby6aApkBIW94Qi1fPvUBLEl1Ym1BRWdBeWdBTRXpUGdfT2dsT1dVMHlPalV4TXpKQTd5MRV5CDhEOR15AEIdeQBCHXkIQnBBFQEEQngVCxRBQjRBSWsueAH0UwEu2ALWCeACqORc6gKEAWh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay9uZXdzL2FydGljbGUtMjE4Nzk5OS9XaWxsLTE0OG0tRXVyb01pbGxpb25zLWphY2twb3Qtd2lubmVyLXNoYXJlLWZvcnR1bmUtbG9uZy1sb3N0LWhhbGYtYnJvdGhlci1tZXQuaHRtbIADAIgDAZADAJgDGaADAaoDAMADrALIAwDYA90c4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIECzk2LjkuMjQ5LjQyqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMTkyMiNOWU0yOjUxMzLaBAIIAeAEAPAEi8mOpQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGAR8wAADwP9AG6QbaBhYKEAkRGQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaBbQw3B5AAMgH-8IF0gcNCRE6ATgI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=b926e1b9a2ab46e2d33cd1f9d2a2f8aabe233fb1&type=pv&jm=1003&px=8&py=25&bw=300&bh=250&sf=1&sid=5515550001999026630&vd=ct~0|rr~5&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=23445757&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
832e4049-081e-440b-bb94-91e72298b3f6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2831 		371 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7522915bcb350be6f3157b1692458fdf8d6d728c2c09a8d0754c50101078e8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126233
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:12:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2831 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init&vps=0.002944224337530388&wt=1647594756326&sdkv=h.3.505.0&xai=AKAOjssf-HEgvYn347iiOigb4NJx8kiS0fojIhrC4eHWLjbTyGOXcQNg_zGttztS-_L07a9DOsXOrkhzlAcCHhQ5qgV2e-N7ziJY6uaDaul88Sx1W80sbNPaAQymMUdDpzjKHQBHU0xi&aid=518694600&len=00%3A00%3A15&url=2,https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22adCsm%22:[%7B%22tld%22:%22www.dailymail.co.uk%22%7D,%7B%22vfrd%22:4,%22dbg%22:%22nomime%22%7D,%7B%22ns%22:1647594755465,%22st%22:%22373.40%22,%22re%22:%22401.50%22,%22ldTot%22:%2228.10%22%7D,...
aax.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/ Frame B4CF 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/%7B%22adCsm%22:[%7B%22tld%22:%22www.dailymail.co.uk%22%7D,%7B%22vfrd%22:4,%22dbg%22:%22nomime%22%7D,%7B%22ns%22:1647594755465,%22st%22:%22373.40%22,%22re%22:%22401.50%22,%22ldTot%22:%2228.10%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22lths%22:%220.10%22,%22ltpm%22:%220.20%22,%22ltdm%22:%220.20%22,%22ltdb%22:%220.10%22,%22csmTot%22:%227.00%22%7D],%22pixelId%22:%22l24htjsx2t%22,%22ts%22:1647594756389,%22ver%22:%22d-1.20%22%7D?cb=4379437
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6386EBDWJ25S6J747K9H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
notify
tlx.3lift.com/s2s/ Frame 87A6 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=0.415&ts=1647594749&aid=16836037779496610436190&ec=3658_15736_0ngdwb3k&n=GgDyAtUBCAASFzE2ODM2MDM3Nzc5NDk2NjEwNDM2MTkwGAAgASjKHDD4ekABSABQAGAKaABw5a0NkAEAmAEAqAEAsAH0A7gBZMABnwPIAfQD4AFu8AEA%2BAH0A4ACnwOIAm6RAgAAAAAAAPA%2FmQLD9Shcj8LFP6ECAAAAAAAA8D%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BALuJIADrAKIA%2FoBkAMAmAMAoAMAuAP1sxTAAwDIAwDSAwgwbmdkd2Iza%2BAD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAekDAAAAAAAAAADwA%2FQD%2BAIHiAMAkgMEMGNmZJgDAA%3D%3D
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-235-110.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 87A6 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=16836037779496610436190
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
translator
hbopenbid.pubmatic.com/ Frame D1BD 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
adpone-d.openx.net/w/1.0/ Frame D1BD 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=0d844a37-a760-4a93-89f8-54edf96c6c70&nocache=1647594756531&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594755871&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
82f63a03b6eb0de8efdd1ae98e19af54f395c2d6bb835d1febcec0c3dfbd9c7c

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame D1BD 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=56318674749
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c3a892f7ff0aea7ce425e3751399f9d67c186d45d530b897269cfd2ffb63001c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1483
prebid
ib.adnxs.com/ut/v3/ Frame D1BD 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
255b0e2c3b28aa6006e57fccb6c8976753aaeddb1dbb3a8feeb1e6a942cc28b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cadc9fe4-f788-4d17-ac03-7e1e2c333924
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame D1BD 		5 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD0wZDg0NGEzNy1hNzYwLTRhOTMtODlmOC01NGVkZjk2YzZjNzA%3D&pt=gross&stid=ed39d4ab-6aaf-452c-b6cb-660d6e1cc290&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D1BD 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=0d844a37-a760-4a93-89f8-54edf96c6c70&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05654220701050172
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
578db6cdc45ffbe7eaf29397af74a536fa56b980b96f866898acf2728d03f751

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4211
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adjson
ads.betweendigital.com/ Frame D1BD 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame D1BD 		982 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
1c106150a7df40a75531c73947e8c6066f1a1e82baaf8c91e6f3bd65006dc027

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
vast.xml
reflex.imds-cdn.com/vpaid/ 		689 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reflex.imds-cdn.com/vpaid/vast.xml?publisher=82376&placement=89226&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/791F) /
Resource Hash
76722bc26c486fb89b80dc3ddfa418089ba725602539f37f56e9f249d7cbce05

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
age
2580
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
429
access-control-allow-origin
https://www.dailymail.co.uk
last-modified
Wed, 09 Mar 2022 00:40:24 GMT
server
ECAcc (nya/791F)
etag
"ab8-5d9be57d2ce00"
vary
Accept-Encoding
x-varnish
807443691
via
1.1 varnish
cache-control
public, max-age=3600, immutable
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/xml
expires
Fri, 18 Mar 2022 10:12:36 GMT
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame 0B4A 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame EFBF 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3121b327e5efb78698ff77f163a53bdc71aa8f99a931ed405153f6b4ec2b8beb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3b4308a4-61d5-4dfd-b8ba-3b202005deb4
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame EFBF 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD1lNDViZmE2MC05ZDJlLTQ1ZjYtOWMzMC0wMDZmNWVlYjJjYzk%3D&pt=gross&stid=a87c54ba-8c44-4937-bd0e-cd9e389e12aa&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
adjson
ads.betweendigital.com/ Frame EFBF 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
translator
hbopenbid.pubmatic.com/ Frame EFBF 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
adpone-d.openx.net/w/1.0/ Frame EFBF 		173 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e45bfa60-9d2e-45f6-9c30-006f5eeb2cc9&nocache=1647594756598&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594755880&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
a081f939e65e996a467a486c837e094810eeeb4ffb522499e6bb55b40a351b6e

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame EFBF 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
3f92219f73f3b42939b07902f5c960d3d04cebb5e0bc4798a76d7c0e0ab1fe83

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cdb
bidder.criteo.com/ Frame EFBF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=41782509707
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdf4a7cddca2aa970b3e3a33f9394ef212583822d57dfb68b408b26e4c3c2611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1477
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EFBF 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=e45bfa60-9d2e-45f6-9c30-006f5eeb2cc9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5412372872356221
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d29d2296d1396926fa51daf84830e8d9c062d636d62ec1a2db6ea81021e96a2a

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4221
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/ Frame FC7B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58533/occ
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34221

Redirect headers

location
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
date
Fri, 18 Mar 2022 09:12:36 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame FC7B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%25%25VGUID%25%2...
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=JgxFH3Odks2T&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=JgxFH3Odks2T&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34221

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=JgxFH3Odks2T&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame FC7B
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32617

Redirect headers

date
Fri, 18 Mar 2022 09:12:36 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://us-match.taboola.com/
access-control-allow-credentials
true
x-varnish
597199687
content-length
0
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame FC7B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32617

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=7e051b50-b1eb-4e90-80d8-b8c746f9c11d
date
Fri, 18 Mar 2022 09:12:36 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E643 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:36 GMT
cdb
bidder.criteo.com/ Frame 9B08 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=35918795830
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad9a8ae403e09f0c96dd19c7fe5eb5f24b30bf0064d2108d58854abcc9da4e42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1475
/
adx.adform.net/adx/ Frame 9B08 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD00MmIxMjRjNy04NzhmLTQ0YmQtYTYzYi0yYzFjOGExOTdmNWU%3D&pt=gross&stid=83d95b8c-7625-45da-bd3a-2a56558dcc0b&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 9B08 		1022 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e2f2edf508488c0fb0336d5008cd30d929afce66a5adf2c70f8c628f47a1362d

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9B08 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=42b124c7-878f-44bd-a63b-2c1c8a197f5e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3611638260617238
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c937fa58b7b53c33d199cff42d212c85d0a8324efc3dfee45e67494682b71c97

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4212
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9B08 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4f43be119cd3244fe33355fec0c84fe262ae3ca1d5c9b4d9151b952f67c55f92
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4a3f50f0-c50d-4961-b25d-4b83a1ec2250
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 9B08 		174 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=42b124c7-878f-44bd-a63b-2c1c8a197f5e&nocache=1647594756621&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594755894&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e772634f80024b2cdd323d11574c47db097c8d930cc01717c23a125ac99ae51

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 9B08 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adjson
ads.betweendigital.com/ Frame 9B08 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
arj
adpone-d.openx.net/w/1.0/ Frame 8682 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=041b1104-2af8-4eb8-bc0c-65c3a132c478&nocache=1647594756631&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594755948&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
a4ebd2cb81f6c2d004a708e18d50374d27c48f6a3c164d6d1c809f2d6a696210

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adjson
ads.betweendigital.com/ Frame 8682 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 8682 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b2b86c8dba0275041de7844d4fb4c074ae32a89a1b5970cc2468d33ec03263c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e98a846c-1ea5-4127-8576-eea891e31430
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 8682 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
adx.adform.net/adx/ Frame 8682 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD0wNDFiMTEwNC0yYWY4LTRlYjgtYmMwYy02NWMzYTEzMmM0Nzg%3D&pt=gross&stid=e56233e1-0223-43fb-ad85-18c805e3497d&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8682 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=041b1104-2af8-4eb8-bc0c-65c3a132c478&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.584994447035132
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
04986abd648fdf8de0b4f19005c52ed7c0b90353207094d01a19ca3bcc39a73d

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4214
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 8682 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=78513970038
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d163e4f138a995867f8dea1d8772aa753f2a669cae93273b9ad5a2e574ed65b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1482
v1
prg.smartadserver.com/prebid/ Frame 8682 		953 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
1ad621e9ddf9359428c5259b8bb5e1bfbe645dd98cf4f65207e146dcefc628aa

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cm_:onejs_load_evt@v=506,onejs_exec_time@v=3,aax_load_time@v=663,aax_load_time_one_tag@v=663,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame B4CF 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=506,onejs_exec_time@v=3,aax_load_time@v=663,aax_load_time_one_tag@v=663,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=489b7869-b3e6-4dc8-9956-aa1bf318e908&session=293507ee-04cc-4174-acd9-d13ed69d2767
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:36 GMT
x-amzn-RequestId
7e97ecaf-b3cf-44be-af32-a65fb13a5666
Content-Type
text/plain
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E82C 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=8f14b594-5bf8-462d-a50d-3df42cd0b223&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6447861451852417
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
30a02579e32a25db6ede302bdfe2bdbea98ce2fc8d8fb4e04b7cb95694cd1558

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4216
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame E82C 		908 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
b847c82684b4dc3a1162dc27992c4f61efa227a8bf4887892c3b5a8771bb3895

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
adjson
ads.betweendigital.com/ Frame E82C 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
translator
hbopenbid.pubmatic.com/ Frame E82C 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
adpone-d.openx.net/w/1.0/ Frame E82C 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=8f14b594-5bf8-462d-a50d-3df42cd0b223&nocache=1647594756648&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594755936&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
3376287562825ecbfabd822e8d58c1dfc38c459ee4cd36f69fc019c36f3f8786

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame E82C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=36215665138
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c36bfe516a5c532a274765494b015280d6e94a87723897e6eda7c7bcec2a8f70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1494
prebid
ib.adnxs.com/ut/v3/ Frame E82C 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4574107dba4034af0ac90c8606989cb355a9339c71b993d50fb49c7f34883da6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
569711eb-fc30-46de-8829-83c4cb693125
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame E82C 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD04ZjE0YjU5NC01YmY4LTQ2MmQtYTUwZC0zZGY0MmNkMGIyMjM%3D&pt=gross&stid=0e73bd0f-c17d-451d-a46e-ac77e3bdc324&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 3C24 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=49665887505
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ba344ba2d735904c60663370e2127c7184dce180b9f7d3d89670fa6b0144d3c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1475
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3C24 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=1b4ceb20-b0bd-4235-a09b-94382ec778b5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7131592495501689
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
35db91ee70d6945da160626ce4eeedb92b8ef3c7d8f422ab6e8ca04d59aeb856

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4225
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adjson
ads.betweendigital.com/ Frame 3C24 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
arj
adpone-d.openx.net/w/1.0/ Frame 3C24 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=1b4ceb20-b0bd-4235-a09b-94382ec778b5&nocache=1647594756681&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594756010&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
f3995824a7e96697f9c7e55631a4a0ff3785c3f931e2c416fe301cf190040a40

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 3C24 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD0xYjRjZWIyMC1iMGJkLTQyMzUtYTA5Yi05NDM4MmVjNzc4YjU%3D&pt=gross&stid=6e053e12-6aad-4b9b-b096-ab5617c92bec&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 3C24 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
52d0dffffdb3e98c4131ad640b306938ce93d2daef257ca81fc3005b1675d5c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
738896eb-e88b-4d48-880f-02993a45db43
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 3C24 		879 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
f0d1496fd253f24d60816ebaa0fe6b50eee36afe2a34ac8bd310dc0b95dc60df

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame 3C24 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame D683 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame D683 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=98457764614
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
82780ce2836c88a172cae55692224e6914ef855847023319f79aa3d60e27c554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1489
prebid
ib.adnxs.com/ut/v3/ Frame D683 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8ad4500b94646d58dbf015bf1b1f90970abaee00f3cda54290719465fe20bbd9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8af092f9-23d6-40bd-97a4-6021d5ce53eb
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame D683 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD01NzEwYjhmNi00NzVkLTQ3YzQtODFkYS03NjdjMjdmN2Q4ZDA%3D&pt=gross&stid=4c4a7750-0b7e-4697-af88-91bb561be602&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame D683 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=5710b8f6-475d-47c4-81da-767c27f7d8d0&nocache=1647594756697&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594756051&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
dcbc18f4e73165e113f15e2bcc58dddce8c4233f94824f9432e02b3385d12abc

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame D683 		874 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
3d99143bb8b1f560ef0080075ff0c8f0bac01229ca7cff5b5a51134859b078a9

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D683 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=5710b8f6-475d-47c4-81da-767c27f7d8d0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5723180605055314
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
228d043a05bd0470a913413636d9da566238f1586c7fe49c5a64030a4253a620

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4611
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adjson
ads.betweendigital.com/ Frame D683 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
translator
hbopenbid.pubmatic.com/ Frame EF0D 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame EF0D 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9dda9830acc35728f7b7f2cff1c740a17337e0e6d7674b67f48dd3a5481e7f6f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
069c4ec6-4bf6-4a4a-b0d0-2373afbf17a6
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame EF0D 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD1kOWJlZmU3OS1jMzYwLTQwNGUtYTk3My00NmI3Y2Q2OTdlZjM%3D&pt=gross&stid=6fb4826e-0a70-4ddf-98f6-5618375c16df&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
adjson
ads.betweendigital.com/ Frame EF0D 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF0D 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=d9befe79-c360-404e-a973-46b7cd697ef3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17646913239255757
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0cf312d71e52a1fc5507467e6c189cd03e0ff26d317bdbaad06fd684fdcd5fa5

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4204
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpone-d.openx.net/w/1.0/ Frame EF0D 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=d9befe79-c360-404e-a973-46b7cd697ef3&nocache=1647594756726&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594756042&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
ba90674177e7baee835acaf5262383e3cf3813e8df32612928cf6c49610e7b16

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame EF0D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=39716618131
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1056fe62d7d5b6fada3acaa6ec841d2fa75fa5820c8c49672154df6badf3cf0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1491
v1
prg.smartadserver.com/prebid/ Frame EF0D 		940 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
b4acdda0f1d27d1efda3b07f8658471829a215f0d71fe76f3325480a0ef8f3d5

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cdb
bidder.criteo.com/ Frame 7266 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=29715082835
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8d9a626898b0eb192d473e42ed42e2e610cc62bc2651db3ac378e783828abc81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1491
translator
hbopenbid.pubmatic.com/ Frame 7266 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adjson
ads.betweendigital.com/ Frame 7266 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
adx.adform.net/adx/ Frame 7266 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD0wNTBkMDJiMy1lYWYyLTRlMjUtYmRhOC04Yjc2MTJmNzgwMmQ%3D&pt=gross&stid=64d70e21-5373-4a2b-b820-98a23f958e55&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 7266 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
64008d6951424579798b36078eded3bf9a934d42ee3f315ab7129374e7eecadb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
53604658-c828-4b7e-b10e-91db149e00a9
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7266 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=050d02b3-eaf2-4e25-bda8-8b7612f7802d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.45334834369348465
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
03525f6f7cf0a878f51b7d538465513c5147ae14dde6823092db6b23021b461d

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4213
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 7266 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
13da4791e3620575aab659188bb771656745c3c83458302bbc8f49d1d2675751

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
arj
adpone-d.openx.net/w/1.0/ Frame 7266 		173 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=050d02b3-eaf2-4e25-bda8-8b7612f7802d&nocache=1647594756757&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594756033&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
8c32806353335dabc17825fd84b7db12fa00047089f297bb1517658396ad5d16

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 287C 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=d8f3a19f-f6c0-45ab-a5af-c76277239062&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8151567415806464
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8d7f64bc10eb299fb45b1170ec3194fe0f34df3117fae7dc3c016cbd9ab704c2

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4212
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 287C 		173 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=d8f3a19f-f6c0-45ab-a5af-c76277239062&nocache=1647594756771&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594756060&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
c89e4ce4baf0dfe93a4f59ba1313522d5b6efc24b915deff7bae67e8467472b5

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 287C 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 287C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=47857873121
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
434420874167085efebd1496336250dd59ae15b3eff6a776740d38f2d8b0bd8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1479
prebid
ib.adnxs.com/ut/v3/ Frame 287C 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
49d9e7ed9c8ce09b30c38ab5fb8946f369a8f48a7f0b305b13987d564c9eb184
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ebfd0603-dd43-431e-a714-da44d3acfbeb
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 287C 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD1kOGYzYTE5Zi1mNmMwLTQ1YWItYTVhZi1jNzYyNzcyMzkwNjI%3D&pt=gross&stid=406585d3-e487-4cee-8761-513bf523b0fe&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 287C 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
ccf2dc7fc1789d2a4ae03f96a9834ce7cb6de7bd3b61c14ea8dbbd51f140c3d5

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
adjson
ads.betweendigital.com/ Frame 287C 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
adx.adform.net/adx/ Frame D6D9 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD0wNDEzNzBhNi0xNmY2LTRhOTAtYjkyNy1mZDZlNDM0OTE4NjI%3D&pt=gross&stid=992719be-c180-4692-a6e8-07316c7efa23&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame D6D9 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
966626fda03840552072bf96eae759b0010473daec8620c146b7ab562303fd69
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e21c29e1-18d0-4b2a-a3e3-53fc3c700213
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D6D9 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=041370a6-16f6-4a90-b927-fd6e43491862&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7213884560038313
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
168e8ac69e7903e0340d09637a93807bd2a5bb397a94b21763a57d9f80a67cc9

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4610
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame D6D9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=87513311969
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a5dd1343f141dbb27a3ba910237f3bb97032ddfab5c4e618040df38611f234d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1489
adjson
ads.betweendigital.com/ Frame D6D9 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
arj
adpone-d.openx.net/w/1.0/ Frame D6D9 		173 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=041370a6-16f6-4a90-b927-fd6e43491862&nocache=1647594756791&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594756023&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
c05996f19679eae53c8f40bbdf408074175e1e96fc41620544e99d7e26588456

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame D6D9 		953 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
d8e779ff8365f90a66fafac0f5b25aa67232b752361a5cc3ca8b157b4f780e35

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame D6D9 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pw.js
cdn.includemodal.com/ Frame F69D 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4rrBbn2vWPjJnz1xTrNNJg8BHyO_wMFm
via
1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront), 1.1 varnish
etag
W/"955e226ee33d25d239fe0741e0977b37"
age
5828
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
25109
x-served-by
cache-ewr18140-EWR
last-modified
Thu, 17 Mar 2022 15:33:31 GMT
server
AmazonS3
x-timer
S1647594757.810713,VS0,VE0
date
Fri, 18 Mar 2022 09:12:36 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
x-amz-cf-id
HfmDugbDLcMPsHmXBgejWrjaAsxgNiFYNleO0y5ZsI57utnYJJYWpw==
x-cache-hits
65
view
securepubads.g.doubleclick.net/pcs/ Frame F69D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssh14dGSwdvjYTmrACmc4eR7FggtWPYBGwjzKuK-knHgUXO2hIgRynm9ap8xVTK5pGbmfQxfBkr-qgiWJ7yQ-uc0K86TCv9eKbW9z5DDqvl89lVJEZU7VDbKoToMgmY7SRN8ACYyEfs7OOM75vKibCigBDLjudJTM6JK3xdT6loK5CeYARfv-QqrmnVR9sNmZaXpeYJnDwK6z2fD5L_GH5saA3qqbs5eUSoq2Q8f1dpsEeLi5LBy6fw0kPVRyRvq5u_tSxj4h7safQL5KQctV6kybi84kujgoAHyYjHzcTHiwG0V2D1DU3Ze17OZSYpguI-kzxedKxpM-f4cfRFE2rMUzIowoItlcvU5A&sig=Cg0ArKJSzIQ6FgDSWus9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F69D 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0263901bb0f042d9d2d5fd4b9ec44f07547fc536ba7d6bbcf3cd247aa180f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40020
x-xss-protection
0
server
cafe
etag
16772162726956776288
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Mar 2022 09:12:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F69D 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:36 GMT
moatad.js
z.moatads.com/mailonline371382066490/ Frame F69D 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonline371382066490/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 16:50:35 GMT
server
AmazonS3
x-amz-request-id
MHN56H62EGK8AYFA
etag
"b69fc9e92c5e9fee1450e144f3e28242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59311
accept-ranges
bytes
content-length
4509
x-amz-id-2
sLK9zN3PznG6T35N8zalMULEKqr4/+1hW4DhwxDKQ8fyKVJkOfKnbv+qaRm3DLEz2rOdnNNcMkM=
p-yVg_z7_Zx4fHs.gif
pixel.quantserve.com/pixel/ Frame F69D 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-yVg_z7_Zx4fHs.gif?labels=_campaign.media.Advertiser%20ID.45673748.Campaign%20ID.475756388.Line%20Item%20ID.229276508
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame F69D 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.161.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-161-118.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
Public
date
Fri, 18 Mar 2022 09:12:31 GMT
content-encoding
gzip
server
Server
age
5
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
EWR53-C3
content-length
7336
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id
ZR5XTR5c9FGjKmbv-KwtQ3LYD54huX8jlOGfliYwF7k-JIs3TVHeTw==
expires
Fri, 18 Mar 2022 09:17:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsXwd6hiteC-tJ2_dtVHR7XM8437MSDPJJmwxdzhPqhtNckeUGF7iHovZ-LCR8VurC0U9zNAV_cDE01LI5R8xwMxYWX6UdrckP9vBZJSWoet-2HFTys-pUlHpB1-ecd5XIW2UYm3hHmi9rwpuf98o85O5ep6snWgSkVZqHIFXAy_yF60KnQYjBTGwrU1L0YrtgRnB0hhZJCkspEcSeipfIjN7ZF-cMh1G--h3hSCsIjokLv9hpgM0YOxdp3KtFZh__G7davCz2yiH9riJjnFmMALcf9HelvAxhEGNo2jMCkfas97lwEsQy-2YNvhecQTGYVDq1kz5T3w&sig=Cg0ArKJSzM33C1klcuM5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A92B 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:36 GMT
adidas_300x250.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame A92B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/adidas_300x250.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.62.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:38 GMT
Last-Modified
Sun, 23 Sep 2018 17:44:28 GMT
Server
AmazonS3
x-amz-request-id
7N1KWT7S8JG7Q2H5
ETag
"702b3e474e01427f8af949cf0c7fbd69"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
26619
x-amz-id-2
3YQpGztwaAfgMmxXj7CoAXyG12lUIgly7QdV03jGYBdqX7CGpvzczct8qVzqdqkmICKQA+n0QME=
translator
hbopenbid.pubmatic.com/ Frame 5BE9 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 5BE9 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
704e23688a6da0eb274f9f0a903fd7a34e935bfce889db5242c322e6fb903d01

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:35 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cdb
bidder.criteo.com/ Frame 5BE9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=14906773621
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b7d1adb16683223ecdd00a08afb4dab4b3affb22428ec13855cb6f5dc98b7d98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1484
adjson
ads.betweendigital.com/ Frame 5BE9 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
adx.adform.net/adx/ Frame 5BE9 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD1lNDk0YzczNy1lMmNmLTQ0MzEtOTQxMS01YTUyYTRjMjA1NTA%3D&pt=gross&stid=e2e2575e-5532-4713-a7d6-cb423c066579&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5BE9 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=e494c737-e2cf-4431-9411-5a52a4c20550&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.47843779877902826
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
752adc4527d87f577077e73d50466dc3f9cd20f9cf0b2bcb64e79b3cc53a7350

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4212
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 5BE9 		173 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e494c737-e2cf-4431-9411-5a52a4c20550&nocache=1647594756852&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594756075&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
a1eaa4e8c35f908ff9a44fdd409b62221d5bc26de6ead7c116343d92ef9b7d31

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 5BE9 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
615948bc8fa5e6780b77113b957b30dd4d3da73a23584aa9036f7deaa150bfb1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e8134029-a147-4044-9072-ce14e06d76e1
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5920 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEyEPOtbJEEf1gMX--_V3GGKEyrdHUeMXiY2_BNrX1EaNstZJuSPRlopliuUauzi02VNskLz4iA5qKktVk0rOCYmZF9Vh4WhqU8sXc8t0mT9oJOZ9h&sig=Cg0ArKJSzLcdBj8pq21fEAE&id=lidar2&mcvt=1346&p=620,8,870,308&mtos=1346,1346,1346,1346,1346&tos=1346,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3570895540&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594752632&rpt=2824&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame C08C 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=51d148df-c934-4181-b12a-a1a2c07e3c61&nocache=1647594756891&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594756084&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
fb665438d64efb2988cac1082b242a39529900693028ab7e3f7cc3981adb48a2

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3604
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C08C 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=51d148df-c934-4181-b12a-a1a2c07e3c61&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6473733333788645
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1bf9e7b3d06a10fd0c816d12da694bb24a4a34b66b61bb4b82258a7bc8cb4d37

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4206
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame C08C 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
adx.adform.net/adx/ Frame C08C 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD01MWQxNDhkZi1jOTM0LTQxODEtYjEyYS1hMWEyYzA3ZTNjNjE%3D&pt=gross&stid=da31ea38-412d-4477-8d95-04309a038610&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame C08C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=86681782153
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
12114ea923dc6298050feef85d98ba230e4383e149f7870913129a872b8374ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1478
prebid
ib.adnxs.com/ut/v3/ Frame C08C 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a52b8433e5d9fbe30caba6faa6b8c4bd87e4c78c7f3f1727114ff85c9629deca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4d3f5e36-d9d3-4718-8540-fd1a213c5bb2
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ Frame C08C 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame C08C 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
fb952ad9d98b4884418b2a72e17ef2789f02e5bbaf09cd80afca581e546deab2

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
adjson
ads.betweendigital.com/ Frame 6AFA 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 6AFA 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a888d127604fcbdda9631c793dab880433dcb85da985d3fe1090c9d6b17a7eae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d10c2e76-90ed-4e39-b677-fefb330ad05c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 6AFA 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
8032bcbe3dcb3961c4fd914aa0c78b446eed26503c557febf7001fa975fd862d

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://windaloop.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cdb
bidder.criteo.com/ Frame 6AFA 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=49181800982
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0a64a411d1da0ec535a786aed857892f2eefa936a9bdaf4701f14ec0482de243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windaloop.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1490
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6AFA 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,1142c9f178fb6cbc02b7,1,,,&rf=https%3A%2F%2Fwww.dailymail.co.uk%2F&tk_flint=pbjs_lite_v4.38.0&x_source.tid=9bc7a08e-d5a4-4a5d-9b0c-70013b34c105&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8965370215907169
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f502276c3d39c852470a513dadd00e9f7fa69b9157a14c10f319fbac92c33e67

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:36 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4209
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 6AFA 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windaloop.com
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
adpone-d.openx.net/w/1.0/ Frame 6AFA 		174 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=9bc7a08e-d5a4-4a5d-9b0c-70013b34c105&nocache=1647594756910&schain=1.0%2C1!adpone.com%2C1142c9f178fb6cbc02b7%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1647594756098&auid=556875267
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
dfd82ddcb19084aec86cb4700d8524649e73efbb14541bfc7acd567eca276508

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://windaloop.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 6AFA 		5 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzODIxNjMmdHJhbnNhY3Rpb25JZD05YmM3YTA4ZS1kNWE0LTRhNWQtOWIwYy03MDAxM2IzNGMxMDU%3D&pt=gross&stid=a4a16367-a0db-4d14-9fa5-48fbf25d3f9d&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windaloop.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 2173 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72228953&p=159335&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
30f4f1375598d4ea20c8c8df63f915cdc0b382702a856e79d6860847ff2433a3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:35 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame BE26 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55670434&p=159335&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
30f4f1375598d4ea20c8c8df63f915cdc0b382702a856e79d6860847ff2433a3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bundle.js
ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/ Frame 87A6 		254 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=dailymail_ROS_HDX_TAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-16.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 16:54:22 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 15:56:23 GMT
server
AmazonS3
age
231495
etag
"72ce81d7d81987b2256ad6fa329008bc"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
content-length
82367
x-amz-cf-id
ljJPWjJ0w-D3i9Hy2Bs9OZ9v09g8Q-ql5N_vgBUSkGuwR4Cw7glXJg==
PugMaster
image6.pubmatic.com/AdServer/ Frame F2A3 		645 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4587954&p=159335&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8f59fd783d1a16c4a71b3fc849070afa57d18b0bb47ea4c09f4b92df01808023

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
645
content-type
text/html; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame A05C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:37 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date
Fri, 18 Mar 2022 09:12:36 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
PugMaster
image6.pubmatic.com/AdServer/ Frame AEAE 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8725838&p=159335&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
/
crta.dailymail.co.uk/ 		8 B
452 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.11 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
http-to-kafka/0.8.11
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Fri, 18 Mar 2022 09:12:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 240B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031501&jk=3514487170398668&rc=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
eligible
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwBYBMBSNBhAbCrbAVgEYAyBAewgCcBjAUyVATIgEclyEGBzAWwZQ4YGCGRk6wfgAdgMXrBBcAzGhQkAHOWC8hcJACtW-SiCYAGMgHcGAIwTwGY1CiIqyANxiO4LkvgA7EQAnCjBASEWuBZW5t6MLmr4Ie5ERGhhKipagWhkcnreDNb+FAzsEEKJyiiSADYw+n6CCHDSMlxBoeFEgSSBIQ1NwsAyMJ4MNI6UUEjtvB7xMIxIIBSUAGYiLmi4AJoAUlAA8gCqZ4EACgg0EAAWFiH8NNZ0ANYAEgCisgCCNDI92ANHAuwOxwAKgBFFTQ4G8G6CbCBAAamk8MhAADkGNDgEA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
vpaid.1.0.6.js
reflex.imds-cdn.com/vpaid/ Frame 3644 		306 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C1E) /
Resource Hash
c9caf66159cb30ccddae214c368c7c0333ac63a039c7b847d9a02a61681c8ce9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
age
831710
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
93702
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/1C1E)
etag
"4c659-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
779368589 730995497
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Mar 2023 12:25:33 GMT
generate_204
tpc.googlesyndication.com/ Frame F040 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IBGbpw
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame 8635 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:11:53 GMT
expires
Thu, 16 Mar 2023 20:11:53 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
133244
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 2831 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 09:12:37 GMT
integrator.js
adservice.google.com/adsid/ Frame 2831 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
afr.php
ads.us.criteo.com/delivery/r/ Frame 45A5 		152 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ff0f78941c63404e9c4ec32e7a87709b9028c9c1262f5daaed9ca9c89ff30003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=ZB942r6B_In13vMtKmoFPCyKliKwu7L9MtNuU6dVAk4KmnGw8D8LeTRlDRAMIP5CJ42bEiNk8JGQMOLV75s6-bl2tt7QLtOdyCbhFMR0T-xps_ICogAQGCUDiOX6LQSGwzqZ1WvGNjBJ4WYfz-EsXmwc4cd_MNbE4UEx1FHTcJQyueRGef1sweOx8fFd0SsU9RX1Ini9gCN1WfJnJPx0Z2iUKf7q7ouUq8M_djDTG47ih0qpEsetaE4JABE"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
106602115
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame F784 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=5bckxl9Yc0JqbWJzc2Z2UUZRUU5EdkVPd01nNzBnN1NBOFhqVm1SMkw3SWlhazBsZWElMkZqWDRCWTNHJTJCZEFqYWdCMUttVnNBTzdkWlVLYWNyUVhvSUxLWGduMFBSdzZNYzB5c3dEbXVtM3lacllLYm9RZUt1cFNzM21wcFlsVjhQZCUyQnklMkZTJTJCZXhMM2FyenlWZyUyRnhPTzJ0V2pZU0ElMkZMZkl0Zm4waGZSJTJCeiUyQkRJbXM0Y3JCUDVSRUdsTk9tdjdQb0V3aWRvN3VZZ3VMYkdPRjhTUDhJcXY3NDhjeFM0QUVWV0NJaiUyRnZHWFQxUUwlMkZTRERPMUdmN2FEVW5nWE5iUTl6eU90dE9ta044WEtONCUyQnUlMkZUSTVtc250enFRUXg3eWdFWDdSbjZpVU1uME5JZ2RXWTI1U2cwM1pFdklMSG1CY2N5TDBUQjZQVUtDSmFUUWdPOHIzTmdYTkRjQlZpR09wRVM3TzhYUnpjRjBya0M5STQ2SWNrd2FuZks4dkl0RU5FaVNFNFI5MiUyRjFUaEJsMGxXRkdsNkIlMkJxa2NXNFNiJTJGJTJGQUxYJTJCcHJzQjBUNGVxcnp0cGhWTGZRMk5RaG1BVTBYRjdYaWY5a2RFUTZQVG1OWllvRGlkZWl0a0F5TW1LWlJURUJoZGpDYnUzeFBNSzBtUWYxTSUzRA
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=xfiyobfi&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
242574
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
truncated
/ Frame A92B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41617734ea855203d150db794199a209f3dcef6219b9e6eacda641460cedff70

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
afr.php
ads.us.criteo.com/delivery/r/ Frame 45C3 		130 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
776fb2376fdccdafe79afbc1e8bf69ef2132c9d86c11e7724e15a70961179a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=GZog376B_In13vMtPWKqmUSF_A53T0HE-X1ODLVlxnBsP7u8P9UQyukYsgVkPqqVyAdqJuC-_IOjPF0qjc74VitWyuqI89Ve_gnjDpRlrBBfbhrYVGH47lEOQeuwvY50HnHMDIjtjhDEEmYtEZOd7AEYZC80EQbvduL-OKrDpRD9v4uijJ0r9lH5K_ra24Co1acctahJblatWbcLeHO0VqDJj4puh2YNFhePGZ4YUUrv49ne90226N1Il0E"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
70687354
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame DFF6 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=mNmLIF9samJQQ2RIbG9CakN6VXdVQzRsaTQ1Z0d3TUp5a2NTbFElMkZxU3g5eVpFTnpSeUF0ckJsd2JBN0FES3ZEQjJmTmdlOW1Ya1FlRUNySjNpcDZzSDVKc05vRGJ1Sm1iTngxVVdhdUVwblZ0aHhzOWk4UW9WZ1ZqWmlWaDNHQ3R6dDJRU2dCMWtGdWsxUktWQ2VKWnFuRWlyN0lzMVZOdlJ0cEs1akJpcG10MzZLT3p5RUl6OE1OdWR1QldnSzFnQzVKMlFNYlhTbXp3MXk0UktUeFFGbjFwdHI0ZE9iTFFQT3dTVWw1VGZKRzJKbVJXWFRFNmZWR2p6NHZKdWZ2eWJheHZHZGt3WU1DUUc0JTJCOVJWMEI3bzFwdm5jV2tDaHA1SFhFZjkxWWRQU2FQZkFXWUglMkJwRHA4bXBCNHdKREtEREY1JTJGN2pZdjFzNHU2YjRpMXlFaXlNbzl1c1lEUklqalpJTlY4aG1CU2JDejlTaHY4UXNTTHVBNGU1Mng0OUw2QSUyQlJsdnAyRVRtQnFuQ3RUJTJGWmR3d0JnUkpKdkR3aWVWZTNFNXFxZiUyRjBHTFNqNkNwQWNwM2JuVFhWNUclMkYwSlFqaFU5SmNhcUlHb3NnS2ZPd2NJWGhYY0pZYUxQaVBxNTYlMkJqTDdSd2d4STRiZkRKVSUzRA
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=tummowyqmc&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
229822
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
afr.php
ads.us.criteo.com/delivery/r/ Frame 42DB 		147 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c44fa3abf9f95d64fbc1373831076554d09a4c6b5696b1117485068beff0eb9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=JsJCTb6B_In13vMtSPBHJC8_YOJWJMcNz9vzN5nrm7ZZu9DESdGchWfc1Gu3E_EAPXQ2dgK3N35I1KFsowHUEbHHyzIyUk7rYv6bQMkLH-osqDmtQZJxAgKuAEf1rGu5n9g-1rpdz4OVJ-yC9hE20Y2F9j2zOsulkIqb5kmFXeF-ZYQhuVTctMjjiHwQ1ismfnBWwH-w-HpnnVAAZ0V61J4JL06oxFFSM3KuhbecCENJeQtjl10qZGEknJc"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
90029891
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame 0C23 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=27zkf19QNU9WWiUyRkZ4cXFjakJ1TkJzTkF2cThpZjR4dmdFTmt0NW9WYWwwS25hOVVJZ084N0ZOc0tKcGxSUDQ3eWtrTGpjT3ZlTzd5cm43OEY3JTJCaVVmNGxWbUNReE9QRjdYOE5NQjFkTlhLZ0JMWG16a1Z3ZWNvY0F1TUNOVWlYcEVOTW1DbkFsMG44dnI4NjRTbEo0d1dWcGFhdHUxZlRydUNSYm5vSW5vUGFXVlltWmlJaG43UU5HdFhETG5wbnlqNHRBd1c0YkdmMDV1JTJCQWdUeXZSQ0c5ZllDWjlEckFYJTJGVk54WU1KTzZDQ3JpNVd3SHBZMVJwSHU0czZqZGc1UG9rdkFHQTRhektuTENPYUpqNlhHUjBOY1d3NWdsTmdVVDZYb2psNUQwRzhqWEhENmI3OGh6RUFKQmxpVTRCM0FZREI5NVlWbUtMJTJCZmxlQ0NsOVFyaUhQS3lEaEpscjA4QXJJanUxaE16RE5tVU9pWE1CSmFqaG50WlRyUzZyN00lMkZpSEZzVkNxajhBZ04xc005ZzFWa3FwaVMybGJKcnMyTHFPcWdKbDNxc09hZHlvajBuU0tUaGlVSG1Ba3pNS2EyUyUyQmZMTFIlMkZiRHp6JTJGTFhldlNlN012cXNjR2ZYTGRlQmdMQ0xFUGhPaUJPUlJxbyUzRA
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=fnsegoyqoh&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
391041
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
usync.js
eus.rubiconproject.com/ Frame A05C 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22111
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame C95D 		147 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
46cef8c6de500d71c02d90a0904814258c8c16e6cf80e57771204ad4fe4ae808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=n2c1L76B_In13vMtVM4fS82-Xwxgdm7AO95dm_2bHlYfMvfHhbOr4qgSq-di1_VxSb1ZAtRqOUzVC73APDQ1yuQIyaiCR_gwF85qOO9q4JGTJZjRFxntw8cxVz2hghtflJgsrLK5tb5_BUoxm0qY6CJ5FI4IOZfrPWP0WVGYHo6FpuQzvFISydScqV1qN8nFhCBbWDZGwLRxVEMh7Mj-euXKeE_3DLcfu5Ain9fYw8QYTuIvFb6dOmEPzR4"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
82952668
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame 6BD6 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=_dqYJ19pTHRKdDFNQzVUbUUlMkZyYkxBSkJUUHdMMmw3YjlUV1dremo1bkF0TnlxWFRreUYxSUx1aFUlMkZ0dlJ6NWlhbGRBbEhYWTJ1alU4WEZjN1U3NGl1SWhEUGZ4QkRFV29VY3hRbVlxMVhVVjYzUVVIbmRyR1VPcnJoYTZGMVNjQzQzZ1RLV2ZKU3IlMkZWRm5SSU9rbElldHFvS3c3NFVtMEV2SzF5dEElMkZoYnppd1YwSmVPJTJCZ3klMkZLMnFROTdTWG53b3VtOG5pTWZpRUhVRGFQbTRaV3I5WFZPJTJCdEZYSFVKSEhsWk9DZmJaMWJNRzMlMkZNTHdxNGFhdDNFemtJUjd3MEVMWjhHU1RLdGxsNFJ3aGExTyUyRnFUQUxJd2lwQUdBOTFaUDd4MGtqdHJ1WHRqWGpFJTJGZFdSN3dIbSUyQmVLZExXeVdIdEZ5UVJNNXZiZmt2Z1ZUYlZiaGZyMmRjSmY2ME80eThIWnRmczlJaFQ5THJsWlRFS3Z4WmVURXlLRlhZY0pWejk4TlpObENLWDQlMkJCTHlRMzdHY1ZJdTUwJTJGWmJmUUslMkZqaFU0WnRXYjBBbWMlMkJaV3JSR0VMYVdGOG5kOGpiSU9QeEJWJTJGR3pyNlNLY3BiJTJGN1NiMlNqZ29QNDFxTmpXNFBpaGVPUzE1aW1ydCUyRmk3VkpLUSUzRA
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=ydwnmumrxe&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
212749
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
script.js
acdn.adnxs-simple.com/strikeforce/ Frame C89C 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
158ea3f9e71cc4bfeef3e274fc9ab9d29a2d1d24cdb94b5ee86664eef4cabf29

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Age
12812
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
39847
X-Served-By
cache-lga21963-LGA, cache-ewr18125-EWR
Access-Control-Allow-Origin
*
Last-Modified
Wed, 19 Jan 2022 12:36:35 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1647594757.436267,VS0,VE0
ETag
W/"61e805d3-1c12c"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Sun, 06 Mar 2022 05:29:54 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
2, 1386
style_banner_300*250.css
cdn.mediago.io/js/style/ Frame C89C 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/style/style_banner_300*250.css
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-19.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96a67b2141dbc9ac0870b34e6bfc02521c2e86a163133083f396d13b2e475ac3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront)
last-modified
Thu, 10 Mar 2022 13:37:25 GMT
server
AmazonS3
age
18131
etag
"2058b69dade82146c2c36958317a0511"
x-cache
Hit from cloudfront
content-type
text/css
date
Fri, 18 Mar 2022 04:10:27 GMT
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
1924
x-amz-cf-id
k0lXxoFaBqGEl0jNqnn9uh9yLS4r-2BhTNLXeD2zW3p0CtkhjMLrhA==
685c3f36bc2955a7f529d0e3226c1fd1__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame C89C 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2cli4kgl5uxre.cloudfront.net/ML/685c3f36bc2955a7f529d0e3226c1fd1__scv1__300x175.png
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:a400:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bfddb3d8192580a4486dec33b3a33682079a22935110a9ba417efd9e327eebc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:41:10 GMT
via
1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
last-modified
Wed, 09 Mar 2022 04:30:44 GMT
server
AmazonS3
age
84688
etag
"1fde508da68209be0af7fb90e416682e"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-type
image/png
content-length
88811
x-amz-cf-id
3iqQQk1M0XW40guVXh_rs1qzmXnLNPQVQhdY2UNYfc77o-bFNpi-ng==
trk.js
cdn.adnxs.com/v/s/224/ Frame C89C 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Age
1901648
X-Cache
MISS, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-ewr18173-EWR
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1647594757.428142,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
0, 74410
it
nym1-ib.adnxs.com/ Frame C89C 		0
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.dailymail.co.uk%252F&e=wqT_3QKfD_BMnwcAAAMA1gAFAQiEmtGRBhDB95q006XI5yAY3cTIz6ry1aBYKjYJ4xo8n0MRlT8RhACdVRVBkT8ZAAAA4KNwzT8hhACdVRVBkT8p4xoJJPCfMQAAAEDheoQ_MMmN2ws4mFBAuGhIkQRQhbG2nAFYuauXAWAAaLjhuQF4_6sFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHGh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay-AAwCIAwGQAwCYAxegAwGqA4cLCt0KaHR0cAEy8LB0cmFjZS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD1iZWQ4NzI3NWU2MTI1YzJjOTk5ZTE4ZmI5ZDRiYzA4NCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF8yNwAMQklEXwE2CGFkXzIYAABBCRcFkwwmaW1wAR5oMjM2NDE0NDgwNzQ2NDg0NDIyNSZwcmljZT0kFYfwT1BSSUNFfSZ0ZXN0PTAmdGltZT0xNjQ3NTk0NzU2JmFkcD10Nnd4N0FlZ2s4S2MxSDlyTFVTbGtXd0wxcWJ3TXZ3d0JJRkQ2M2c5YzBBJmRzCXn0QwUyJnVybD1UZFBVZ3d0R2lSenpHQ0lFbHJVUWNIQjg4c1VBMmp6eVU3aVUzRF9pSDYtYWVZQXNiMUN4aDJlSTU1b3VvRWF6ZTFzczFzN1NIUHR2RUhNQ3cybFlYWG53U3dCbE9hZ0hqcHdLeWdFYV8wblk4OHQ5eWdhcjQ2T2kzZ3MxWGhpblJkS2R2M1VpNWZTZndRc29DN1M5eE1tSzdGS0JFZ0RfSDRqMVN6X205NVBSWTdmRlhDWHgyM3l1cnpiRXd5aVFMTGMwTVZmUDFXUmNYaVFMRW5fSHNsa0FDUDViaTBrUy1uODNZcTFTSFlRSXY3X0l4OW13UEQ4cVRqYm0zb2Q5dEU2MUllTTItUGh6blc1U3VHUFZSYWpfNWhQX3NzRFFkdnMtQXVTR0F3SFpGVUwxb1ZCSExCY1M0X0lEUlp4dzloR1lWVFpNTmtZUTd5SFlXR01vcmgxX1lDYWtyZ3pqblBZTmRKQ0Q3QkN3NUZYSWhEX0RfUk5vQWNKWmxNNllaVW8xdUhta3FLZVVUbGRyTDdLbWZPbHZybXlqbnF5RGJ6QWxVZ2tZZHg4OVlYTURSVzAtbWR0RmRjbEpma05yQWZveXZ2WUVtWmZZZnBXNFJtYi1sX1pmd3E0MHJPb2s1aHBLTkF4SnY3MTZfSWQxSFBPMUxPSG1DaGJvUmJVSnBQTlVQUHBiSkN1Mkw4Q0pReVcwZmdhdGdmWjRpMEllYW93ZEZHaVI0R1NkN0U2eDFlZVVDUV9vQ25aMlU4STgzbjF5dmIwNTdxWDVoLWVESDJqV2tQbWx3X09xZFhwZkVMVnQ2R2ZTektWYm94YXU3LVVSZ0ttaG5XTjFxLW51Tl9RRi1NZzdjOHpVUEduXzg0aFJMbUhJZlR1OGxMRE5ueGYxYnczU2dOM1k2VUhkN3VyYnI4aGZycHo5aEhPR19hUkdKZzN4NFFtRENvSWM3MkVieFI2X0VKUTlHd2o1cjZ1RnZ3OG5sX2l5cFBqbDNGY0lYZmc2WE11emZ5Y2ZTWlhqcERJV2JoeWgtX3p2MnBpaFN2S0VObjR1OHpnQ3QxMnNkMkdmNGVHWDYtaFllQ0hiLUpra3JOSzY5NFI1Q1E5Y3cwb1Fsb0swbC1hcHlsTkRZS0dXM1dDSldRY1FET0FlQmd6b2EzOXQ2NnhsMm9LQnlQbXJFOTBxZV95ME1IVnN5aEN6cm4wQlRHbnNoTFNnYVZZQk53V3BMUUVGbWFxV0hyRHFQR3d2M1JDazc1RDBoY1lXcU5rRVpPQmEzRWlxUFhkMDdELXVNak5mVndXMjBQbFo5Ti04Q3ZHVWN6aF8yTjBia0xnGhMyMzY0MTQ0ODA3NDY0ODQ0MjI1IgkzMjgwNDY3MjUqBTEzMzY4wAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIWxtpwBiAUBmAUAoAWww4i8kvbI0w3ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWz5D36BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9oGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBzExNDM2MjC6Bw8IABAAGAAgADAAONweQADIB_-rBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHsfD4BYoIAhAA&s=528bc2363216385e0d304da7c2670604a140a6cc
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:37 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2a60690c-0203-4723-b32d-a2d50f85d932
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB13 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:40:48 GMT
expires
Fri, 17 Mar 2023 23:40:48 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
34309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F244 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b275848bd9e2fea1da22bfbf7b43408cc23e6e349252aa9687a3a5b4c10bdcc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CG59699vDXcvHu6iHGNeTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:12:37 GMT
date
Fri, 18 Mar 2022 09:12:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-CG59699vDXcvHu6iHGNeTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client
ssl.connextra.com/NBCSports/selector/ Frame BDBF 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/NBCSports/selector/client?client=NBCSports&placement=DDM_APN_US_Sports_ACQ_300x250&_cb=1805027443&apnauc=3747064854672751328&bidid=3747064854672751328&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?TwE8aW1poj_q4uu2BDaTPwAAAOCjcM0_BW7bgwmNmj817zhFR3KpP-C6Hu2hPwA0XSLyqZJXQVgETTRiAAAAAMnGdgEYKAAAmBwAAAIAAABzT4UTudUlAAAAAABVU0QARVVSACwB-gC4cAAAAAABAQUCAAAAANwA-COcYAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21mxOJpAjtqMoYEPOelZwBGLmrlwEgACgAMTMzMzMzM-c_OglOWU0yOjUyNjlA7y1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjUyNjk=/bn=90745/clickenc=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1abedfef339e7e5d980748be26a6c60e411e2ee29374853b255dbba5a5229bf3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

x-served-by
vlp-cxtadsrv11.connextra.net
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary
* Accept-Encoding
content-type
text/html;charset=utf-8
content-encoding
gzip
expires
Fri, 18 Mar 2022 09:12:37 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
content-length
698
async_usersync.html
acdn.adnxs.com/dmp/ Frame FAB1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:37 GMT
Age
10410
X-Served-By
cache-lga13626-LGA, cache-ewr18159-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 11006
X-Timer
S1647594757.439191,VS0,VE0
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame B538 		0
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QLLDfDtywYAAAMA1gAFAQiEmtGRBhDg9fronvSPgDQY3cTIz6ry1aBYKjYJTwE8aW1poj8R6uLrtgQ2kz8ZAAAA4KNwzT8hBW7bgwmNmj8pNe84RUdyqT8xAAAAQOF6hD8wyY3bCziYUECYOUgCUPOelZwBWLmrlwFgAGi44bkBePnEBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA1NzAwODE1LCAxNjQ3NTk0NzU2KTt1ZignaScsIDY1ODY1MjcsIDE2NDc1OTQ3NTYpOwEdBGcnATEUNzM3NDEwAQoENDcuHgAwcicsIDMyNzUwMzczMTYfAPCLkgKFBCFHbVZvMHdqdHFNb1lFUE9lbFp3QkdBQWd1YXVYQVRBQ09BQkFBRWlZT1ZESmpkc0xXQUJnN1FWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFReG02aXNsY3FrX3dRRU1adW9ySlhLcFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUdmZ1pJRDlRR1VrNjg5bUFJQW9BSUJ0UUkFJAB2DQjwVXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU1qWTU0QVB2TFlBRTVKejhCNGdFOTV6OEI1QUVBWmdFQWNFRUFBBWMUQUFBREpCAQcNARgyQVFBOFFRDQ54QUFBSWdGbFNtUUJaZXdVS2tGUWJlWE5FYnI3RC14QgUnVENVZXVnX3dRVTBNek16amRMZlA4a0YBOxx3TW9SeGpfUgkoCQEIMlFVCQnAQUR3UC1BRjZpYndCWUxKX1FmNEJjXzUyd0tDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCagFeOE16TS1jX3FBWUVzZ1lrQwWACQEARR0MAEcdDABJHQw4dUFZS5oCmQEhbXhPSnBBOgkCMExtcmx3RWdBQ2dBTVQZbUxPZ2xPV1UweU9qVXlOamxBN3kxSglzFEFBOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDAw0QUlrNXzgOEQ4LtgCAOACm4VO6gIcaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL_ICEQoGQURWX0lEEgc1aUkc8gISCgZDUEcBFAQIMW0jGPICCgoFQ1ABFDgBMPICDQoIQURWX0ZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BUREPEAsKB0NQFQ4QEAoFSU8BWSAHNjU4NjUyN_IBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3w5QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjUyNjnaBAIIAeAEAfAE856VnAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWosRb6BQQIABAAkAYAmAYAogYPMTAyNjQjTllNMjo1MzYxuAYAwQYABTUo8D_QBqkl2gYWChAFEB0BWBAAGADgBgHyBnIIl7BQEmw2aEZQRkUwQWXYREFBa0NCUUVJcy1DTUNCQ2IwYnNDR0l1V253TWdCeWdBUUtHazNRZEl0YVRkQjFEdkxWanhLWJ0aEEhnQWdRHRBsSWdCQUpBQkFKb0JBZ2dBgAcBiAcAoAcBugcPCAWKRCAAMAA43B5AAMgH-cQF0gcNCQmrBDRAAagI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=45048d90fd98dac4202dca8035d7fea3a824a80f&bdref=https%3A%2F%2Fwww.dailymail.co.uk%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.dailymail.co.uk%2F,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Duijfnrjjdk%26e%3D1556073704375,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Duijfnrjjdk%26e%3D1556073704375&
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:37 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fde44c6e-10c5-47b3-846d-85ab51c064ee
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame B538 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Age
1901647
X-Cache
MISS, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-ewr18159-EWR
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1647594757.441969,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
0, 77036
it
nym1-ib.adnxs.com/ Frame B538 		0
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.dailymail.co.uk%252F&e=wqT_3QLEC_DtxAUAAAMA1gAFAQiEmtGRBhDg9fronvSPgDQY3cTIz6ry1aBYKjYJTwE8aW1poj8R6uLrtgQ2kz8ZAAAA4KNwzT8hBW7bgwmNmj8pNe84RUdyqT8xAAAAQOF6hD8wyY3bCziYUECYOUgCUPOelZwBWLmrlwFgAGi44bkBePnEBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA1NzAwODE1LCAxNjQ3NTk0NzU2KTt1ZignaScsIDY1ODY1MjcsIDE2NDc1OTQ3NTYpOwEdBGcnATEUNzM3NDEwAQoENDcuHgAwcicsIDMyNzUwMzczMTYfAPCLkgKFBCFHbVZvMHdqdHFNb1lFUE9lbFp3QkdBQWd1YXVYQVRBQ09BQkFBRWlZT1ZESmpkc0xXQUJnN1FWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFReG02aXNsY3FrX3dRRU1adW9ySlhLcFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUdmZ1pJRDlRR1VrNjg5bUFJQW9BSUJ0UUkFJAB2DQjwVXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU1qWTU0QVB2TFlBRTVKejhCNGdFOTV6OEI1QUVBWmdFQWNFRUFBBWMUQUFBREpCAQcNARgyQVFBOFFRDQ54QUFBSWdGbFNtUUJaZXdVS2tGUWJlWE5FYnI3RC14QgUnVENVZXVnX3dRVTBNek16amRMZlA4a0YBOxx3TW9SeGpfUgkoCQEIMlFVCQnAQUR3UC1BRjZpYndCWUxKX1FmNEJjXzUyd0tDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCagFeOE16TS1jX3FBWUVzZ1lrQwWACQEARR0MAEcdDABJHQw4dUFZS5oCmQEhbXhPSnBBOgkCMExtcmx3RWdBQ2dBTVQZbUxPZ2xPV1UweU9qVXlOamxBN3kxSglzFEFBOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDAw0QUlrNXz0DgE4RDgu2AIA4AKbhU7qAhxodHRwczovL3d3dy5kYWlseW1haWwuY28udWsvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjUyNjnaBAIIAeAEAfAE856VnAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWosRb6BQQIABAAkAYAmAYAogYPMTAyNjQjTllNMjo1MzYxuAYAwQYABTco8D_QBqkl2gYWChAFEB0BWBAAGADgBgHyBnIIl7BQEmw2aEZQRkUwIV7YREFBa0NCUUVJcy1DTUNCQ2IwYnNDR0l1V253TWdCeWdBUUtHazNRZEl0YVRkQjFEdkxWanhLWH0TEEhnQWdRHRBsSWdCQUpBQkFKb0JBZ2dBgAcBiAcAoAcBugcPCAWKRCAAMAA43B5AAMgH-cQF0gcNCQmrBDRAAagI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=2f8474fcfff67a7870db3e04eee767c6a686c6e1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:37 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
db92f67f-ac27-4d61-850b-27c678d934cc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame F5EF 		130 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
cb43840df073bee1f580369ac4ae01b38fd48b9d06602510d14462a6fb669240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=xalg7r6B_In13vMtzou_vxSJXMPry1UBiXv_3pXjTm0sTXvusZlagMvsOAwaEbvwT32dtKX82sSBV2UpUYVyqxfL_idV8Ys0yceQ1g70vpKRIFC3DatLV4CvNZ_wL0RvWV2dESrwJjY54fbQyVve2pzyTf0Tbn306yv3QlurwCgZXBo3q4aVhcs_e2ICiMGsDExstZ4Ocrm-3mAfJ1MPNeClIVU_7ekftGrs-Uiy9vMmOJL2NGsf0sZC3Ng"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
66857797
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame 7AF4 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=pwz2nF9qeHlaSHZMJTJCWXlIYW8zME8xd1RxSWF3OWtVQSUyRjdqNVJWcWc3cENQQkVCTG9HdVllTlpBclJhbFpKQ2prcm5VZjFUTmtEblElMkZiJTJGdkQlMkJINmcwOXBjWDZMZnk4M1VyTndMbkduNlclMkJFMHFvTVFwJTJGUVNhOXhXWmgyZEphSU9sV3F6QnRQbUhONDNSa092U2QwR1B2YkdEdWpLMXI2bmElMkYzWVF6d2paY3FnckYlMkZYQ29ra2EzbUNJQVd0YnhXNWsyaCUyRlRoNHlsbGo4emRwcXF2d2ljTTM1Sld2NElxSWdFMnhXSDBtT0Q4MlpFcVExVEppNGdibmglMkYlMkZnVjVTbk9DdjYwVVBhYkFCS1lYbFVPZHMlMkZGODZ5TDRmJTJGTmxuVkJHelVhQm05UUxjN2VZNTBnUmxtNElZS0J5b1hsUW1ONlpQMzRlaHZ4WUFnaUJ1NUNrZzV1cnl4ZGdpM2tiQ20yUXYlMkZCTlFYZ05SMXFBZXNrM2U4RnJBJTJCTXdQWk84N0dkWUt2c01IUU5uOVFEdk8wZnNEbFBHcFVzOXkwUHpWMmR3cWNrZXk3NmtuJTJGMkRKVm1HRHolMkI2WGlBMW5ia0VNZE53QyUyRmNab1hrc25HaVN0R012bW5QQXFnN0pBODU2TUhQTjlQZjQ4dkhFMGFXVGVFJTNE
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=meemooeee&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
243976
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
afr.php
ads.us.criteo.com/delivery/r/ Frame 8724 		126 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
46fb67ba5ed9f6454f318fed8a68509a7ce845a6d0b1809f9455d360dd1864d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=fVwc8r6B_In13vMtBnTmv8ZGvny8x3_uhPkrHr7LsfWvQgg8_ryfSgAXVP704KZHIYepdYhlCSQESeMbWwvuVFc6HiLsHfuAesXuMKhvYhsd_K5h3a3LcLsSg3Rj3rK6H68PT83F4PhUNqiFKcBGaozSRpBNN0f9Y_L1kAuMdkZ8fuVmkBuZ-iEUhuDLgdEObZNAZlxwLWUtx0px47pzqOY1Ja-Oe5u0Qcj74Xjj8r36jEu-nHsySASg3DI"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
61999795
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame C218 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=Kx64lF9mZk83ajhmREtkbGVISHlhTkVxSlpreTlzZlV2MG5sem55dzc4TXRVN0VDUFVTbW9mUko0YjZ6N3lOVXklMkY5OU9nZGlESEtwZ3JDMWh1bHNFNEJLRkRORTU2NCUyQlNyTlpIYzRLNXVkV1MyOWlmT2NHa2d4TUszMVZOemElMkJLcndNdjRkZGpMQURJdzRvJTJGa0tUTDRtSTFwSjhXUzBqJTJCMDNaZTFaS1NGRGpkdHRubFRMYVo4ZkpRQ3VMZWRiJTJGSnViMkZXbktvUjElMkJ0ZSUyQiUyRkFQTTNQZkIlMkJzQW5DJTJGUGgxc1BBbllRNWg1M0V2eEpoMUN6YUFEVG13RTFIQkd3VjJwaHRVNFFjb2dLYWx5cGttQ3ZYRWZvJTJCaklQbXFmSDVjeW5MdjV0ZGdZUkRkNnRrdlZGNE5ma0gzWmRGbk5YSG5McVpOY3BBQm1jU0F2RnNWbUFlSjMzSUhJaFVhMFVZNlZGMUZDQ1lMQ3B3RjhzWVE0WjhoeU5ROWklMkJsSlJVaHolMkJYY2NvQUwzUzdqdzk0MmRlJTJCZDNYdG92QnUlMkY3b05uZmU4VXVCTFR6RyUyRnNYZ1JjYmx2SXZ5enV5TDVoJTJCTmlOTG00WnB0aWNFTTh3aVZTMlpzaGoweDZ1elhNdVdRTmVmNzBXRUlLUUVlWXdNY2dJZyUzRA
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=cmmelq&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
215243
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 82B3 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:51:37 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 999A 		129 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
36de070ff0752b164583252b341dff29b6cccfb6d7105fdf3a4b53537727b32c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=dD7rnr6B_In13vMt5mQ5nPWMgEF9m-48JHPN2QVaZ9tVEYf25E_g6-reJNpZcisNV6BohWw4hY8sZKjnT2ShFqvL3jWlo-RHu3KQmD8G3MAJT72rgOOGB2WDCJmUsr8NV3gZF4MrVBFjr7CJOwHDWgEw-cz4IQS-3eyhUpGtBbck8HAGLfqf1vLDJ92qlnETih0O2-YAd5eJGGSyrTRT8tt1zlqT-_VdMv8ifdSXYop9v1RX5qKs5KxIOpM"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
65502170
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame FF85 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=tddd1V9rUlIzcElmNlUzZnhSbVc2RUo3NnpBeWxmNmglMkJBUjlxZWhnOVFJcTRiWVVseTZKdHBPRWN3V21sOWk1TlBuekxjdGFMdEFnSU5za2lKVHY4b1hUTEQ0WDR4VDBPcG53SCUyQnlWRjg4YXdVblE3NlQ1dGtOOVRXQkxoaTdmbWtVZlQ4ZkExWFVLdHpLRERhYmhUaUhBbjd3Yk1vZGh6dlI2b0pRYkFEQlVOZmRQaXhNdCUyQjNNd1UwYjJXd3pwSFdVTzcyZ2xjclNKdCUyRk9oRkolMkJUVkVYUFpCNDViOTdpJTJGN1R1ZkpRYWxXcGZUYXFIT1F4YVhNaVBUNjJkNCUyRllZOFgyVFFsNXVVck9oSzZ6dGp2WG1XSUZhN0klMkZYZzhPSldvUDNlc0FRUkVIckwlMkJteHNzalhHWG1MRFIxWGZndWpnJTJCMTlrcHJyeiUyQkdoMTRmJTJCb0tTbElBcUQlMkZ3cGtYT2FOSlVxSHlhJTJGNEhKbmN6OFNwRWc2eml3dU0xNDh3NnhiQU9STFZPaGFJZnNkandaJTJCcFRmcmJoaWxJTWpPJTJGVFExdVB3dzNZVXclMkIycnJkTlRlYXdxdTJ5Vlc0bllIYXpJUnVIWWtBc1p5dkoxRXVlZHpOQnNHU1poZ3BWVklqRXJCNFRiT25hbnM4ZXhWZXhwWGslM0Q
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=cudywlknjo&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
376546
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
afr.php
ads.us.criteo.com/delivery/r/ Frame 9E96 		129 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e92ad387dea3eec7164a1840decafa753eb0196b12928e507a1c7165e58cf1f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=d9Pm9r6B_In13vMtyHbL3YLNswDk7u_5KyZPq2F5JDYZTmr2nVA8McLjIR7kdwRatr6MT3m2WfYvoSj4RR_M59n36zSW7a2unGSB21fQzidMLUnY6t_QTPV6lnqf4KImBWB81K-OO26Dx4rEJZdPria8k3wyIgFiVXie32FTsRSm2iSezLmmiTLuA-kZ-_Xa7t9C0tHzshoXxh5U8hfBVjDniNFqB_nsie0ZKUL32JJpRFt3aBPDe7xe6Z0"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
66548025
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame 2B49 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=OVpdoV9qUklmNnprcU5HUDMlMkJVVzY0V1hPM2JwWUp1YUlrbHhxSEoyNTVVRlRWMDVSZGpTdGtwcmc4bzdyYTRHNU51WDRQSmhlMXRjYXF4VmNxTnhzWmdZN2V1RXhuJTJGejJBWThqJTJGTThxYmptZllmMTFIRDZLanFRZUlKYUNYZ1BuTkhxNHJwbUt6dlhsNmU4VEY1VUZrWDJmMEVZVmFCcE5RM0JDVUwycE1EciUyQlI1R1NyU21GJTJCT0RVN0ROMGZ5ODM4ZDRPUEJQV2JVU0FuNFNmd3R2Qmhsa3F4RkE4UklzUm90QmlHQ0JCY3UlMkJ1JTJGOERMZ1I4MTNDdiUyQjdOejlkOEtnZ0d4aENQdXZJRlRtQk1WVkRrJTJGUzdpV1RLNDNhU1Q5U2FYeGJ4RlRQUHJ0QlBsVDVrRWFJWWlPQWFkcENhNUE2cUUlMkZBa0dlTGxqcDdQRlV5TnFTWmJoMzNZdUlqNXFvU255WDZjWWhQREpTcURzWjFWSUJZc3hLTEhPZW1keWJjcHVpbllsYkVxQTBtclFkbTJEYU5EbmdhcGZPTVEzJTJCRW00JTJCbHZya1hVb1M2M2xudmxzJTJCWkdEU1I4UVlvWjllN0h5aDdtQ2NpbHZwQ0JqJTJCJTJCb1hDWUgzMEV1amExZiUyRiUyQmtzU1l4Um03ajU3Y25hdUElM0Q
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=oencvor&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
313788
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
afr.php
ads.us.criteo.com/delivery/r/ Frame 6DB4 		161 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e94a7cd65948c40d6c5e41a89efb2d773cc4c03bd2dfd1b05585e89800eb2048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=lLmZob6B_In13vMtNQHOHiugvmZhuip7oyMF4dQi_IIjPOYYjlGte-8q1kmlVN7XZskEbuIDS7LDGWlUyH7ws-vAOhhWE-YorwUEcE-CrXT-KNMIjGGwGZhE5QJM5M8LLzvOgPMOZD2skil3GVmoZVWJKsYI7qkL_a1gx5RdJifne3R6v0u7IR9OtM0tE7NQmrsT-anOlNyw_YkN8GtOiL0os6RwYaaSVwtjeQyF-PlKJW_QbpTSLogZcxE"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
90065992
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame C550 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=EA6wOV9tJTJCUjF0YlplOVBtR1d6dFA2VzhkJTJCOVRsb251T1NpSGhWS1RPM3clMkJJQlpiaWFJektXQVUlMkJDZHJLWGJRem44UCUyQmtkUjJKdiUyQkN3RyUyRkhwRyUyRiUyQjdzSlI3aU9NUzFLYURPZVY1MDJlJTJGRTdOQUtWb3MyTTI5S2UlMkJiNmlpU3hCRG9RTCUyQm51R2pkdFg2YWlDMkhzS1A4WUh3JTJCOHp4dlIlMkJ5OWFQSWJPMEFaNlBnJTJGZWhWNXJ6SlFjOXJWTWpuR3RQNlJ0QVRRVDFuJTJGVXZHQ09VTzVzOFkzcERHTmVqeEI5QVBSdUhCRzJjU1VYcVlJYlVKJTJCYVhyUHlsTnVhUGpHRkNNUEs3VkQ4VkYxeElTYjJZbDRXWGVuQkNpZVZINHZWNGZXY2ZDamxHcG1oTUdHbXZjUkQzTyUyRm9wZTRNRFN0T003OHBibHRXREh6VnB6SUZXRXpZeWZLS0tVMWJPUUNaWk1JUEdsVkgzSUdiU3VseVRMQ3J4cSUyRjF0ZFRiUk1kcTJxR2JhN0VyVmt5OCUyRnc4WWtydCUyRklQblIxJTJGUURuWHdYMHM2VGdHOHFwbllIQmlYeXZsSTFvNFRXdWVrVGt0bnlzUW1oMEdMJTJGZ0FWQXJFRG5KUnZKVVhoMzZDQ0xsQnY2UFZ0OW4zWWROcnFKRUZydUElM0Q
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=iujttgih&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
259248
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
0482cb62-bd76-4a9d-8c21-4a7728d559ec
analyticssystems.net/api/v2/ad/impression/ Frame F69D 		0
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=960925
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG%2Fr9xqePTc0gJ%2F5ZQJyfA26Oxveujx3ClpQ1uJzam5vvfVemMnsnH2b65%2BhAuYzfDQR6tSjzJ6xpIICJUySxpLstlU224b%2BvZkKmP9XrHVDko%2BKx6je7d6rwWJCZf8%2FQ%2FhBI%2F4dX3zrb1RZCYpCt878lw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd9025fdd0ce1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Ft1us9-RORdR_PUILGxR
afr.php
ads.us.criteo.com/delivery/r/ Frame EC20 		150 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1f41b12b40a1b075f3e2aa3ce4f523783e1ab2ad759145dff3105968f392087d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:36 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=k23LxL6B_In13vMtF7A1Vlosp-lp548zp0WNKbY_KSO6NSBF7mnOfTyYjSUBGoqKsyerOgVJBEALxe6Q9NIu-CnnWAH6C_PtttXwvWC5JKmRhl_cO6gWmGfQpEIaoKB2AP26vY8b19Py520e4ppuqsIjKkhAJ43Ysmqo1P5jcqb80Q0CByN4IggT5mxybOwxM_ctvMaBCCm_hJoyEJvMWF14mSeFgpF1Ny_t7dQy7em8dZlCZ7bolzKgaJQ"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
56450665
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame A7AC 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=gmEFjF9kU01SMFFaciUyQkglMkJkeHlEakdxZmVnUnByTTVKVHFtc3UybTglMkZHJTJGYUJDWWhpdUZUb3FIRVBDcGdXcyUyRnYybjc2JTJCRW9IZmx5U0hvNlZPdHJUYndYeUxpNTVWQ0ZrYm5YblBVandoc2V3WVA2bk9URllKdUh4OGhnY1F5c0hzYW1WUFBJdSUyQlg3am1nWXNSdEVWT0Fnc0pOY3NaQ0VjM1lzV1p2JTJCbFlHOTVDZXBRcUd6cEphV3NjNnpzT3FLeUxGM2QwQmFjZTRrVlp5MyUyQnV5ODczcWZZM0RveE96M2FoQzZ0bUpzd000bE9PUGN5VTRic2c1TUtkOGpMaUVrY25tU282JTJCSG1zczNiSDlBYWtlRFduOEhoaHp0aXJrUGRucURWdExlY3VENlRqT2FyJTJCcFNyVHhaWVduZ2swYjlPR0M4VTA2Q01YblZBamklMkZwT2lLY0s3WHAxREhtYkFhZyUyQllXb2o1c0pvJTJCbDQ2ZTZ0U1hHOUcwJTJGSXpNd0oyaDcxVkRRa1VhVUtLTTBWZjI3ek9IcGdyaUxPa1hhV2h6MEpBaDlXbUszUUoyMkElMkJqUlY0dlJ4VENQMVpySXJOJTJCb1JzJTJGSmtlJTJCaDhINm1PYzJvUW5PQ2ZhY2FkbEklMkY0dEc3Q2d5S0hqOEREWEgxdzlHb2clM0Q
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=xwxbhdhfo&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
426141
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cygnus
as-sec.casalemedia.com/ 		53 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1647594757532&s=636599&r=%7B%22id%22%3A%221647594757%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A550%7D%7D%2C%7B%22id%22%3A%222%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%3Fdeployment%3Dagilityzone%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A4453%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%224453%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/async_bundle--.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d569bb936e70af1ee724f783800f581ff972a88d8b13a7c3c6b042ade0073e19

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:37 GMT
X-AK-INITIAL-GEO
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.42], XFF:[]
Server
Apache
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-CS-CLIENT-GEO
31
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
53
X-AK-CLIENT-GEO
31
Expires
Fri, 18 Mar 2022 09:12:37 GMT
cygnus
as-sec.casalemedia.com/ 		40 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1647594757535&s=636599&r=%7B%22id%22%3A%221647594757%22%2C%22imp%22%3A%5B%7B%22id%22%3A%223%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A4%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%3Fdeployment%3Dagilityzone%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A4453%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%224453%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/async_bundle--.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f20d38df4aab49e3dcdb6b341c8ba599c9ed48951a91aded397a6dedfa18bfa3

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:37 GMT
X-AK-INITIAL-GEO
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.42], XFF:[]
Server
Apache
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-CS-CLIENT-GEO
31
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
40
X-AK-CLIENT-GEO
31
Expires
Fri, 18 Mar 2022 09:12:37 GMT
ad_page
ssp.behave.com/ 		20 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.behave.com/ad_page
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/async_bundle--.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/async_bundle--.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/async_bundle--.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.3/async_bundle--.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 478E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 21:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
300174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 21:49:43 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame AB97 		147 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8e1be2ee741fdf3ebd0c964f3137cdc3f9d4731d8b9ace1dfd5ff8847c76cfe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=G2MgWb6B_In13vMtdoxUyV3ffQLfIQulqXq4KCKgl444OdCupp2jvxo7tyHvuw8jQijs9wprgiKBNvUJIiL5R1_vad95ye4vxf-l8TPGpLTdQrsILAOhghkQqLh_tkor_heeBKr5DKJD2gnuDbsoaQkz1g_gmp8jcaH_pCXp8TR8E-ZHKfZOw8tHniCimT4IZu7os4eN89FQ6K12UnQdDBkKBrJoKOTB0tk7Keiu-Irao4aCIm-u_jU7O-E"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
70147112
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/m/ Frame E38A 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/tpd?dd=QmBttV9jdjZzS3Axc09SOW56emRnQUFLMjNXMlZhNiUyQnIlMkZvZnlUZnBnZ0tlTjdrREltdnBBJTJCTEpIRmdWZGVpSkQ4M3NiZ0txMEpWSnNtUGdRJTJGQyUyQlBLdlV1VDNrclpraDYlMkZXUGZsblBqJTJGSyUyQkpJUSUyQnNtUjJqWlBxJTJGYUxPaFl6VCUyRmhJdHRQTTN2VUpwNE5JejVIdGVrTkNkQkZwOSUyRiUyQmc5QTZUMW42enRVSDlOOW9FdUNyVWFad0ZmU0ZsbXowcWJrWDc1Z0kyd2ZtVzJVRUhac0NDQXR1TEZRNTZ6dHVCS3pQJTJGTGQwS3BQank2V1daVzRHTElBU3kzNWVjWVViUk03S1FNQU9FNDZpZjhGbUhiRnR5Y0ltM09MSUlCamMyckVXUE5BWE1Kdk4wYWxVYmZZdEpjYkN4M01CUzhhemhrSk5SYXBtN3FVSlB2UGRTMWFqNVM4WGFQZGk0MHNFMHFuSiUyRlRQcjJhNjkycGhGd1ZvR1c2OHlYMXFzdU90UzUxb1RaRFc3VlNnUEZIbjFtZ3l4U0dheUZtbEVmcTVkM3RBNk9RVFFQOGR4Q2xnWXlsaGo5eFhvemZhU0Z5bHVxV1NvczFuNDFNJTJCcWpmRTFhbVV1RWRxeVBXajJWQzgwamVrS0hURE9OYVlqdUk1bmRFJTNE
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=tvbayjx&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:36 GMT
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
357593
strict-transport-security
max-age=31536000; preload;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
Pug
image2.pubmatic.com/AdServer/ Frame 0728
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bf3d6116-2f12-4b2f-8206-ce18651488a2
1 B
252 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bf3d6116-2f12-4b2f-8206-ce18651488a2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug014:0:620
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bf3d6116-2f12-4b2f-8206-ce18651488a2
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 7B28
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 18 Mar 2022 09:12:37 GMT
via
1.1 varnish
x-served-by
cache-ewr18169-EWR
x-cache
MISS
x-cache-hits
0
x-timer
S1647594758.664702,VS0,VE2
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 18 Mar 2022 09:12:37 GMT
via
1.1 varnish
x-served-by
cache-ewr18169-EWR
x-cache
MISS
x-cache-hits
0
x-timer
S1647594758.612819,VS0,VE22
x-vcl-time-ms
22
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 768B
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=3jBWw7zJB5i_wU4YBk00Yg
42 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=3jBWw7zJB5i_wU4YBk00Yg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug016:0:854
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html; charset=utf-8
content-length
153
cache-control
no-store
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=3jBWw7zJB5i_wU4YBk00Yg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pub
matching.truffle.bid/sync/ Frame EE1B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.21.4
Date
Fri, 18 Mar 2022 09:12:37 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 67B8 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
ragnarok-0cfc24341797@version_1.386
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Fri, 18 Mar 2022 09:12:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1571
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html; charset=utf-8
x-lat
va1pug015:2:477
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Fri, 18 Mar 2022 09:12:37 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 7B8D
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
1 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
10:0:445
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
expires
Thu, 17 Mar 2022 09:12:37 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
33141
tags.bluekai.com/site/ Frame 2173
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B93E2E12-AA9E-4220-8310-B08598FC53B9
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=547a1af06dbd9e5430744b2dd9d67bf&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=0693932948cf7b81
62 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=0693932948cf7b81
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:40 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=0693932948cf7b81
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 2173
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B93E2E12-AA9E-4220-8310-B08598FC53B9&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B93E2E12-AA9E-4220-8310-B08598FC53B9&addseg=10,33,39
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B93E2E12-AA9E-4220-8310-B08598FC53B9&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 2173
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:38 GMT
Frontend-ID
3
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:37 GMT
Frontend-ID
1
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 2173 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=B93E2E12-AA9E-4220-8310-B08598FC53B9
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:6e00:1a:609a:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
via
1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
-TVO0aVUP-xABS-NpZSpGsge36JG7lT-cfQOg7lbaB6YctAXeEYiKw==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2173
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A26BEA5356
42 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A26BEA5356
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug018:0:463
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 18 Mar 2022 09:12:46 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A26BEA5356
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2173
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6359460436251910749
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6359460436251910749
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug015:0:761
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:38 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5f6179cf-1697-46e0-8e21-3731d5ededc3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2173
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3f861fab-f2d3-4100-877a-4a1c9369b063&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3f861fab-f2d3-4100-877a-4a1c9369b063&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 00:21:18 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug005:0:404
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3f861fab-f2d3-4100-877a-4a1c9369b063&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 18 Mar 2022 09:12:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
spl.zeotap.com/ Frame BE26
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B93E2E12-AA9E-4220-8310-B08598FC53B9
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=547a1af06dbd9e5430744b2dd9d67bf&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=f67a371d-f285-4ca2-be6f-f2af79502cb4&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=c712a4ea334221fd
0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=c712a4ea334221fd
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6edcd919cc36d157-BUF
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=c712a4ea334221fd
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame BE26
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B93E2E12-AA9E-4220-8310-B08598FC53B9&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B93E2E12-AA9E-4220-8310-B08598FC53B9&addseg=10,33,39
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B93E2E12-AA9E-4220-8310-B08598FC53B9&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame BE26
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:39 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:38 GMT
Frontend-ID
15
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=B93E2E12-AA9E-4220-8310-B08598FC53B9&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame BE26 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=B93E2E12-AA9E-4220-8310-B08598FC53B9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:6e00:1a:609a:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
via
1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
hTGWj4IwihvfhnML_RO_2m6xlOvt3aqTOkK54MzmybedL5Dlu0XiZw==
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame BD2A
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=19802351-4727-440e-b362-a84f0b4b3d64
1 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=19802351-4727-440e-b362-a84f0b4b3d64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug008:0:475
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=19802351-4727-440e-b362-a84f0b4b3d64
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 687F
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 18 Mar 2022 09:12:37 GMT
via
1.1 varnish
x-served-by
cache-ewr18169-EWR
x-cache
MISS
x-cache-hits
0
x-timer
S1647594758.674995,VS0,VE2
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 18 Mar 2022 09:12:37 GMT
via
1.1 varnish
x-served-by
cache-ewr18169-EWR
x-cache
MISS
x-cache-hits
0
x-timer
S1647594758.634154,VS0,VE19
x-vcl-time-ms
19
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame A1B2
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WHuJLfrXCI2cs11LBk00Yg
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WHuJLfrXCI2cs11LBk00Yg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug017:0:589
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html; charset=utf-8
content-length
153
cache-control
no-store
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WHuJLfrXCI2cs11LBk00Yg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pug
simage2.pubmatic.com/AdServer/ Frame BE26
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A26BEA534F
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A26BEA534F
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug016:0:482
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 18 Mar 2022 09:12:46 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A26BEA534F
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
pub
matching.truffle.bid/sync/ Frame 1D19 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.21.4
Date
Fri, 18 Mar 2022 09:12:37 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame BE26
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6359460436251910749
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6359460436251910749
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug017:0:321
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:38 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
37fbb59c-318a-4b8d-a81b-5420632ad77f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiesync
core.iprom.net/ Frame E373 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
avatar-2f2646dbd6fe@version_1.386
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Fri, 18 Mar 2022 09:12:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5013
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html; charset=utf-8
x-lat
va1pug016:2:290
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Fri, 18 Mar 2022 09:12:37 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame BE26
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:75ead994-85d8-4376-989b-62e1eed3da48&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:75ead994-85d8-4376-989b-62e1eed3da48&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 00:21:03 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug007:0:429
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:75ead994-85d8-4376-989b-62e1eed3da48&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 18 Mar 2022 09:12:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 911A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va1pug014:0:772
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5036F47B1E164C5B8C56BBC185A6E0FD
expires
Thu, 17 Mar 2022 09:12:37 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
io.narrative.io/ Frame F2A3
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:B93E2E12-AA9E-4220-8310-B08598FC53B9
  • https://io.narrative.io/?io.narrative.guid.v2=8e30b060-a69b-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:B93E2E12-AA9E-4220-8310-B08598FC53B9
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=8e30b060-a69b-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:B93E2E12-AA9E-4220-8310-B08598FC53B9
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
54.235.111.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-111-4.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:38 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=8e30b060-a69b-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:B93E2E12-AA9E-4220-8310-B08598FC53B9
Date
Fri, 18 Mar 2022 09:12:37 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame F2A3 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.152.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-152-36.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.14.221
content-type
image/gif
content-length
49
expires
0
3096
stags.bluekai.com/site/ Frame F2A3 		62 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/3096?id=REPLACE_WITH_PUBMATIC_UNIQUE_USER_ID&limit=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
d1ba4609
rtb.gumgum.com/getuid/ Frame F2A3 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-64.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
r
eb2.3lift.com/ Frame 87A6 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=dailymail_ROS_HDX_TAM&aid=16836037779496610436190&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.5&bmid=3658&biid=4718&sid=15736&brid=218853&adid=0ngdwb3k&crid=-1&ts=1647594749&bcud=500&ss=7&caid=0&unid=0&domain=aax-us-east.amazon-adsystem.com&ref=https%253A%252F%252Fwww.dailymail.co.uk%252F&rr=creative&fid=10&rb=0&g=0&cb=57728
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame 0D37 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 87A6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-16.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:36:26 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
560172
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
85lDYU5CRaS_qBJW3QlEhhWpKnouG5Gf2L3Xn6-TNYBMAdCiZPpmug==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 87A6 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-16.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 22:54:11 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
555507
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
content-length
3518
x-amz-cf-id
8QB_t9G-TgJN9eNYmv3R9NkTeu0dqy_7gTjGWQMAVHoXM3D-EsRGUw==
ctar
eb2.3lift.com/ Frame 87A6 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=dailymail_ROS_HDX_TAM&aid=16836037779496610436190&rev=b5dbcaa&cta_render_method=1&cta_render_text=&cb=43847
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
1594524_300x250_6213dff0931e6.html
ads.brandcdn.com/html/ Frame 859D 		15 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.brandcdn.com/html/1594524_300x250_6213dff0931e6.html?fas_c=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3De923d3a7-f3e2-4649-b0ed-1bb25a32adca%26ag%3Dot2xv3l%26sfe%3D146bccfe%26sig%3D7y-Y6Z8yGWSEBBUOmeXtsQGOf42TKD7uwWBCtTHbQFo.%26crid%3D0ngdwb3k%26cf%3D3073917%26fq%3D0%26t%3D1%26td_s%3Dwww.dailymail.co.uk%26rcats%3Dzm4%2Cjba%2C7sp%2Cusw%2C5rf%2C7gr%2C3c6%2C2gy%2Chmy%2Cy29%2Ctmc%2Cd3i%26mcat%3Dttd-ct-52765%26mste%3Ddailymail.co.uk%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dtriplelift%26uhow%3D125%26agsa%3D%26wp%3D0.5%26rgz%3D14202%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D376%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D6.69%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTE0IgdCdWZmYWxvOAFQAYABAIgBAZABAA..%26dur%3DCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQo7Ch1jaGFyZ2UtYWxsVFREQ3VzdG9tQ29udGV4dHVhbCIaCNr__________wESDXR0ZGNvbnRleHR1YWwKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3D4ljBsE%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dtl_ltriplelift%26ipl%3Dhd_97758%26ict%3DUnknown%26said%3D16836037779496610436190%26auct%3D1%26tail%3D1%26r%3D&oid=55952061&fas_m=aax-us-east.amazon-adsystem.com&fas_r=&impid=e923d3a7-f3e2-4649-b0ed-1bb25a32adca
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-14.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8da17dc22110daf621242492996179fc9f16e35f6c6fd46ed7dc50f74f5c923

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/

Response headers

Content-Type
text/html
Content-Length
15106
Connection
keep-alive
Date
Fri, 18 Mar 2022 09:12:39 GMT
x-amz-replication-status
COMPLETED
Last-Modified
Mon, 21 Feb 2022 18:54:41 GMT
ETag
"4206222d4080e2af0cba308fdfe3ec7a"
x-amz-version-id
fy45NVwBkTBSSWzadZAR1C3lBayB6hbU
Accept-Ranges
bytes
Server
AmazonS3
X-Cache
Miss from cloudfront
Via
1.1 a5e3b467ea385e6efe6a1a3ce283b4c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR53-C3
X-Amz-Cf-Id
o1VxeNoY8QodEdstUmaeDokHIQ7n64Xjob6n11hdh2VWE23uctgkQA==
ca
choices.truste.com/ Frame 75A4 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=brandcdn01&aid=brandcdn01&cid=0701&c=brandcdn01cont1&w=300&h=250
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-71.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
168e73f1c7bd13111c7e01f2dfc8bc9a7f2ec8f79618473e3768b50da456177c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 07:57:45 GMT
content-encoding
gzip
server
nginx
age
4492
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 1e50ca9ac269e92d749f11227b12760c.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
11gyOa-7lM_0GkQ03AdEUFDfTSMeAr8SWJgeYa31rXaOzYeHGB0Veg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
triplelift
vae-bid.adsrvr.org/bid/feedback/ Frame 75A4 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vae-bid.adsrvr.org/bid/feedback/triplelift?t=1&iid=e923d3a7-f3e2-4649-b0ed-1bb25a32adca&crid=0ngdwb3k&wp=0.5&aid=1&wpc=USD&sfe=146bccfe&puid=&tdid=&pid=nc31odz&ag=ot2xv3l&adv=zayhyie&sig=158yvG9E9Uw_mZJ6BV15q3rEoMRxssGuDRXM-dYFefF4.&bp=0.5&cf=3073917&fq=0&td_s=www.dailymail.co.uk&rcats=zm4,jba,7sp,usw,5rf,7gr,3c6,2gy,hmy,y29,tmc,d3i&mcat=ttd-ct-52765&mste=dailymail.co.uk&mfld=4&mssi=&mfsi=&uhow=125&agsa=&rgz=14202&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=376&did=&rcxt=Other&lat=42.886700&lon=-78.892700&tmpc=6.69&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=Cg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTE0IgdCdWZmYWxvOAFQAYABAIgBAZABAA..&dur=CkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQo7Ch1jaGFyZ2UtYWxsVFREQ3VzdG9tQ29udGV4dHVhbCIaCNr__________wESDXR0ZGNvbnRleHR1YWwKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..&durs=4ljBsE&crrelr=&adpt=tl_ltriplelift&ipl=hd_97758&said=16836037779496610436190&ict=Unknown&auct=1&im=1&mc=d6657e39-a489-47ff-86ff-a52f95f4bfa6&tail=1
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
cache-control
must-revalidate, no-cache
server
Kestrel
content-type
image/gif
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
aop
eb2.3lift.com/ Frame 87A6 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=dailymail_ROS_HDX_TAM&aid=16836037779496610436190&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.5&bmid=3658&biid=4718&sid=15736&brid=218853&adid=0ngdwb3k&crid=-1&ts=1647594749&bcud=500&ss=7&caid=0&unid=0&domain=aax-us-east.amazon-adsystem.com&ref=https%253A%252F%252Fwww.dailymail.co.uk%252F&rr=creative&fid=10&rb=0&g=0&cb=96300
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame A92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW-cDT2RmmtT5c5lJ0IL-KaHrb_sUAmupx9pDGYFF8xyUKFVQlOzwdT1wJui43_7x4WaxCOM_DQVhHEb44dK1osavnzPRLH39J0sgzk5BWhxs3rOUuFS55wUXRBTTO2P5kllWfxbV0Rfi1GjLTuEDA7txTIrEuoU_NuXyQmvv7v7tV05ZlAErk8ZnyclWgUMXZXtvganOEjyeQBQb4lARnR3GGOynIAKUHvrhXBzDbD8oNzv1eq725zo43us3eDp6QOVxXyTRSrnkDiznRZ9CQcj3YUV_LQAkiFdshQmLoNHLOSmZs8q__GMBITFgSesrzrDZNFTCHwA6M&sig=Cg0ArKJSzHqPOZo_nPGNEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Mar 2022 09:12:37 GMT
sellers.json
contango-cdn.technoratimedia.com/ Frame 3644 		15 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contango-cdn.technoratimedia.com/sellers.json
Requested by
Host: reflex.imds-cdn.com
URL: https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7917) / Express
Resource Hash
7b23dbd7d848d904ffec436842890ab06b0226c4da091daf75c0b7b7cfd859c0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
etag
W/"3c3c-JHeNXt9ufMljUgibfL6klgmmfHo"
last-modified
Fri, 18 Mar 2022 09:04:35 GMT
server
ECAcc (nya/7917)
age
482
x-powered-by
Express
vary
Accept-Encoding
x-cache
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
content-length
3268
expires
Sat, 19 Mar 2022 09:12:37 GMT
events
api.permutive.com/v2.0/batch/ 		201 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=fc90bebe-df0f-4783-9136-4dadff05fcca
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4d7425f2fe14492c5302685164e9bfb27b37aa9969947a13b5af001854c0ada9

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
via
1.1 google
moatad.js
z.moatads.com/adwerxxanderdisplay107885237416/ Frame 8C42 		298 KB
101 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/adwerxxanderdisplay107885237416/moatad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c33f1dc20c96906ae6a16e2a46028aadd7b0184ab96b8c6f4f8d97313ba9f3c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

x-amz-id-2
nMSTUWbPwrU/cglHJo3KMwz0u/JKiPko2X20e5XLX/YrDnc990gE473fckN0DzxQDRX9VmsUbQg=
x-amz-request-id
AZVY5WK27TTK647P
last-modified
Mon, 07 Mar 2022 17:14:25 GMT
etag
"e3665edcc8eadf5e0c547331b6f02721"
content-encoding
gzip
accept-ranges
bytes
content-type
application/x-javascript
server
AmazonS3
content-length
103044
vary
Accept-Encoding
cache-control
max-age=52352
date
Fri, 18 Mar 2022 09:12:37 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 035A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:37 GMT
Age
10411
X-Served-By
cache-lga13626-LGA, cache-ewr18125-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10581
X-Timer
S1647594758.876265,VS0,VE0
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame BD3A 		0
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QKNDvDtDQcAAAMA1gAFAQiFmtGRBhCP886KpMGdnlYY3cTIz6ry1aBYKjYJmqwn_z2guj8R_v5XVW1osz8ZAAAA4KNwzT8hLFzEa6aYwD8pv2VOl8XExj8xAAAAQOF6hD8wyY3bCziYUEDcE0gCUISnh6QBWLmrlwFgAGi44bkBeJO8BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTI2NTQ2MiwgMTY0NzU5NDc1Nyk7dWYoJ2knLCA2ODk5NTE2LCAxNjQ3NTk0NzU3KQUdKGcnLCAxNzIxMTczSjsARHMnLCAyNzE1MzgyOTYsIDE2NDI9ACxyJywgMzQ0MDUyNjE6PgDwi5ICuQQhZEd1dXBRaVl6dWtZRUlTbmg2UUJHQUFndWF1WEFUQUFPQUJBQUVqY0UxREpqZHNMV0FCZzdRVm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZk5KNEFmcHhNWV93UUh6U2VBSDZjVEdQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFHOGpxVUQ5UUZDSnpZLW1BSUFvQUlCdFFJBSQAdg0I8IF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0l5NHpCOFFBUmdDTFRNek16LWlBdzRJakxqTUh4QUxHQUl0TXpNelA3b0RDVTVaVFRJNk5EazRNdUFEN3kyQUJPRFI4UWVJQk9uUjhRZVFCQUNZQkFIQkJBBY8FAQh5UVEFCAUBGE5nRUFQRUUFDAUBeENJQmZZbW1BWDRzTDJCQWFrRlFiZVhORWJyN0QteEIdOzx3UVVBQUFCZ1ptYm1QOGtGAT8cWUlGRDBEX1IuKAAAMgUoAQHARHdQLUFGX0lvQjhBWFV3cG9JLUFXMnNNRUNnZ1lEVlZORWlBWUVrQVlCbUFZQW9RWQE1CQEkS2dHQkxJR0pBawkQAQEAQh23BEJrARIJAQBDHRhETGdHQ2cuLpoCmQEheUJBUXJnOj0CLExtcmx3RWdBQ2dBTR3dTE9nbE9XVTB5T2pRNU9ESkE3eTFKCV4UQUE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MEDRBSWtCERDwRjhEOC7YAgDgApuFTuoCHGh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay_yAhEKBkFEVl9JRBIHNTI2NTQ2MvICEgoGQ1BHARQACHF2ARUIBUNQARQECTJxbDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAsCSCYQ09ERRIgYzc1ZTU4M2Y3ZTRlNTg3MGJjMzJkYjlkZDIyODE5N2PyAS8BeQBDBS-YMzc4ODcyNDg4NzRiZGQwMjc0ODUwMjFiNjQ4MTViZjPyAgsKB0NQCS4cAPICEAoFSU8BoTgHNjg5OTUxNvICKwoHSU8JIdAgNjczMzg1ODM5MmRmYmRiYWE5ZTQ5OTk3YTQ2M2E0NGbyAhMKD0NVU1RPTV9NT0RFTF9JRAFXDBoKFkMuFgAgTEVBRl9OQU1FAR0IHgoaNh0ALEFTVF9NT0RJRklFRAEhHBUKCFNQTElUAZg5OfCVgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMjUyNCNOWU0yOjQ5ODLaBAIIAeAEAfAEhKeHpAGIBQGYBQCgBf______AQUYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9ck0-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AGmQnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAONweQADIB5O8BdIHDRV2ATgI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=26407ec7c671a81727b4bfae0599e79c5df7b48f&bdref=https%3A%2F%2Fwww.dailymail.co.uk%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.dailymail.co.uk%2F,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Dvblctxybyam%26e%3D1556073704375,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Dvblctxybyam%26e%3D1556073704375&
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:37 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c6a20660-d011-45a5-8d11-27b28c744de9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame BD3A 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Content-Encoding
gzip
Age
1901648
X-Cache
MISS, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-ewr18153-EWR
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1647594758.883243,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
0, 74104
it
nym1-ib.adnxs.com/ Frame BD3A 		0
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.dailymail.co.uk%252F&e=wqT_3QKWC_DtlgUAAAMA1gAFAQiFmtGRBhCP886KpMGdnlYY3cTIz6ry1aBYKjYJmqwn_z2guj8R_v5XVW1osz8ZAAAA4KNwzT8hLFzEa6aYwD8pv2VOl8XExj8xAAAAQOF6hD8wyY3bCziYUEDcE0gCUISnh6QBWLmrlwFgAGi44bkBeJO8BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTI2NTQ2MiwgMTY0NzU5NDc1Nyk7dWYoJ2knLCA2ODk5NTE2LCAxNjQ3NTk0NzU3KQUdKGcnLCAxNzIxMTczSjsARHMnLCAyNzE1MzgyOTYsIDE2NDI9ACxyJywgMzQ0MDUyNjE6PgDwi5ICuQQhZEd1dXBRaVl6dWtZRUlTbmg2UUJHQUFndWF1WEFUQUFPQUJBQUVqY0UxREpqZHNMV0FCZzdRVm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZk5KNEFmcHhNWV93UUh6U2VBSDZjVEdQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFHOGpxVUQ5UUZDSnpZLW1BSUFvQUlCdFFJBSQAdg0I8IF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0l5NHpCOFFBUmdDTFRNek16LWlBdzRJakxqTUh4QUxHQUl0TXpNelA3b0RDVTVaVFRJNk5EazRNdUFEN3kyQUJPRFI4UWVJQk9uUjhRZVFCQUNZQkFIQkJBBY8FAQh5UVEFCAUBGE5nRUFQRUUFDAUBeENJQmZZbW1BWDRzTDJCQWFrRlFiZVhORWJyN0QteEIdOzx3UVVBQUFCZ1ptYm1QOGtGAT8cWUlGRDBEX1IuKAAAMgUoAQHARHdQLUFGX0lvQjhBWFV3cG9JLUFXMnNNRUNnZ1lEVlZORWlBWUVrQVlCbUFZQW9RWQE1CQEkS2dHQkxJR0pBawkQAQEAQh23BEJrARIJAQBDHRhETGdHQ2cuLpoCmQEheUJBUXJnOj0CLExtcmx3RWdBQ2dBTR3dTE9nbE9XVTB5T2pRNU9ESkE3eTFKCV4UQUE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MEDRBSWtCERDw_ThEOC7YAgDgApuFTuoCHGh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdHOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAs5Ni45LjI0OS40MqgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4yNTI0I05ZTTI6NDk4MtoEAggB4AQB8ASEp4ekAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfXJNPoFBAgAEACQBgCYBgC4BgDBBgAAASYo8D_QBpkJ2gYWChABDy4BAGAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADjcHkAAyAeTvAXSBw0JETwBOAjaBwYJJ0jgBwDqBwIIAPAHsfD4BYoIAhAA&s=e5c58252b29f8b230dc3af802e641a911dfabf4b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:37 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6d77b477-b2c4-4395-993a-032a725a765b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
e8d29ce6-7877-4d95-8bb1-d43fa2de02cc.jpg
crcdn01.adnxs-simple.com/creative/p/2524/2022/3/16/32563777/ Frame BD3A 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/2524/2022/3/16/32563777/e8d29ce6-7877-4d95-8bb1-d43fa2de02cc.jpg
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
440de44752cda6c376e7fa7c8b2a81b7f2e9e6ac56d9e6bbf376011769f4fff7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:37 GMT
Via
1.1 varnish, 1.1 varnish
Age
96665
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
54246
X-Served-By
cache-lga21931-LGA, cache-ewr18132-EWR
Last-Modified
Wed, 16 Mar 2022 16:45:29 GMT
Server
nginx/1.21.3
Cache-Control
max-age=3888000
X-Timer
S1647594758.898794,VS0,VE1
ETag
"4a1e2a161f568169dd6887f52567eb65"
x-amz-request-id
7196e3b0-6970-4a89-9b89-b56bf4dd3106
Access-Control-Allow-Origin
*
Expires
Sun, 01 May 2022 06:21:32 GMT
X-Clv-Request-Id
7196e3b0-6970-4a89-9b89-b56bf4dd3106
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Clv-S3-Version
2.5
X-Cache-Hits
1, 1
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/ Frame F69D 		294 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/show_ads_impl_fy2019.js?bust=31065636
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dea12506041d6f70645daa67bbc4901d00f98c15a647de39a7adba9f7250d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108628
x-xss-protection
0
server
cafe
etag
13869370017282352306
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 18 Mar 2022 09:12:37 GMT
pixel.gif
px.moatads.com/ Frame F69D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A21693274104%3A-&de=385153070900&t=1647594757869&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D45673748%26moatClientLevel2%3D475756388%26moatClientLevel3%3D229276508%26moatClientLevel4%3D133667763908%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D21693274104%26zMoatPS%3Dsky_right_top%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=624050668&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:37 GMT
truncated
/ Frame F69D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e94b4e515162189374e7a6c962648c1fbfebe91837c5e66e83b4332bcc628a7a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
2cbd307a-8608-464a-aed4-3f8d18fa55ca
https://www.dailymail.co.uk/ Frame F69D 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/2cbd307a-8608-464a-aed4-3f8d18fa55ca
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
csi
csi.gstatic.com/ Frame BA57 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l0w7dl51&c=3220033333770&slotId=1610016666885&qqid=COHw_9-oz_YCFRRYDQodYxQCnQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://windaloop.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.21.6
date
Fri, 18 Mar 2022 09:12:38 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame C89C 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windaloop.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
track
trace.mediago.io/api/bidder/ Frame C89C 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/api/bidder/track?tn=39934c2bda4debbe4c680be1dd02f5d3&price=6ct17eDb00eJ__bOMkMauKpXmyt3H5XwA24ceIJIqno&evt=101&rid=bed87275e6125c2c999e18fb9d4bc084&campaignid=1143620&impid=44-dailymail.com.300x250-1&offerid=6237641&test=0&time=1647594756&cp=NaS8fXLu2yKrRz18KqXw2BzeEkFCkZ1qiNofSCKAn_4&acid=565&trackingid=8ccc0cdaf88c6f32f4ad8208f4dfafe6&uid=6359460436251910749&bm=5&la=en&cn=us&cid=1364637&info=DQaGAvFQHNJwBKk4Nra3ZKj_k476zFUCgcbI55Y4CrGnSY8voZiXwHzQz3Nw_idb&sid=12__1__61__24__28__41__47__59__38&sp=6ct17eDb00eJ__bOMkMauKpXmyt3H5XwA24ceIJIqno&scp=NaS8fXLu2yKrRz18KqXw2BzeEkFCkZ1qiNofSCKAn_4&acu=USD&scu=USD&sgcp=NaS8fXLu2yKrRz18KqXw2BzeEkFCkZ1qiNofSCKAn_4&gprice=6ct17eDb00eJ__bOMkMauKpXmyt3H5XwA24ceIJIqno&gcp=NaS8fXLu2yKrRz18KqXw2BzeEkFCkZ1qiNofSCKAn_4&ah=&iv=0&inIframe=true&pos_x=1&pos_y=1&page_w=300&page_h=250
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=ctkglnf&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/plain; charset=utf-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9F4E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=ctkglnf&e=1556073704375
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:38 GMT
Age
10411
X-Served-By
cache-lga13626-LGA, cache-ewr18125-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10582
X-Timer
S1647594758.231677,VS0,VE0
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame C89C 		0
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QKXBPBMFwIAAAMA1gAFAQiEmtGRBhDB95q006XI5yAY3cTIz6ry1aBYKjYJ4xo8n0MRlT8RhACdVRVBkT8ZAAAA4KNwzT8hhACdVRVBkT8p4xoJJPRIATEAAABA4XqEPzDJjdsLOJhQQLhoSJEEUIWxtpwBWLmrlwFgAGi44bkBeP-rBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhxodHRwczovL3d3dy5kYWlseW1haWwuY28udWsvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIWxtpwBiAUBmAUAoAWww4i8kvbI0w3ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWz5D36BQQIABAAkAYAmAYAuAYAwQYAAAAAATEQ2gYWChANMRUBiBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBzExNDM2MjC6Bw8IBSREIAAwADjcHkAAyAf_qwXSBw0JEUMBQgzaBwYIBQlI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=9dda5987128afacfd1c77a28943a70c081c34529&bdref=https%3A%2F%2Fwww.dailymail.co.uk%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.dailymail.co.uk%2F,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Dctkglnf%26e%3D1556073704375,https%3A%2F%2Fwindaloop.com%2Fr%2Fp.html%3Ff%3Dctkglnf%26e%3D1556073704375&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:38 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
33ebf3cf-3214-4400-936b-63cc4a4bc8a6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeANgGYqBWATkczBgEcBXGQifCRAFseEEIODwAjFQAsAdibz6CmgCZMhAPacwAYxjwQKQhpgBzYVD4VC8TLrGhEZqBSlqZkgByTMIMzBW8ABWJoKaaPAADJgA7jAARsSkbjIy9DSYAG6IyW7SSoxK0oxRVFExaDn6bmqyjBn09KpFNDTecuqgATkwsfmmXIE1lPT2ADaIgRACwryOUrIKRQpeqp4TU1YgwIhZcMSaUPCiZplViPrwKBqaAGbWlKpUAJoAUlAA8gCq33IACoQwJwABZRRiCMCxXQAawAEgBRcQAQTAmBB4BQ5Cerw+ABUAIo0AkYsyA4QAYTkAA0vFlgCgAHIwAkgIA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
getad
aax-us-east.amazon-adsystem.com/x/ Frame F69D 		50 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=492d19eb-2393-478d-b157-f8486ad67edd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:38 GMT
Server
Server
x-amz-rid
EWGR0ZE0GVJ5FMTXNJWV
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Permissions-Policy
interest-cohort=()
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Length
50
privacy_small.svg
static.criteo.net/flash/icon/ Frame 45C3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 45C3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 45C3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 45C3 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame 45C3 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=cHzOWdJUYlg82UphfgbkcKoPGglpf656wNzTdKWdkQBU6YooHyxSom6D_9inOe2v6_Uk2IsIxACbtdeX_Y9S9OeK1laTS_76Wre8EjmanLI-YhiyvJURMIWguSZMpFVPOwAudxjjd6IKNq6D2lJw5a7NsMkfZm0KzCr6m9xcue23Ohkjg7ih7LQd8B7tKi6R0tmpHle2cMaKHBqIrU406ZPb0ty8Sz8YL-jLrvNyNLgPhQkuEYpdUMG7pgote07d_pwOrTPB2WJEJCP19PAWCsMoQ9dgXArT8nG4URaMYznmM54NwG6P1Ur79OYDY1DUUNe4PzvbvOOvjvj_G_Ec-ykVTPOsnIf0j0TYfUToED5vmJdPHuLXPG4XR8DkVPGyE9oqIa_AKh3bAV40ieboiI0zjwehOGBTgaWJEo1ymf3oXI-9lp0EYZZUM7M9xgZ42uZGgTuqYE3tAtY6_KOq4-Jdu9w
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3942708
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame C95D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame C95D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C95D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame C95D 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame C95D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=4LoimdJUYlg82UphfgbkcKoPGglJaWufjnaVR-KYuXEfRmGy-f_YfhF1i3eAG5Ne5C2nsmr8X2neDGJY3yemr75Mm4dmd07qEdJWAXXHKBQzirM6_g45xpsji3ePOO_JtKY8gCJ8Zg9_OcaBMZ0wf9OfvWKVmtnLeAvbMnQoqylsz1pCjIHyMMBujZXFe89X9rFLenZbI2Vf3TXZALq4-3DvDwM4Dx_-uP3_o6U6zvajS0b2fokDlGUqGw1EhLAETKuXjOT8XwM2WLefKoVqwd9-3kbkK1sCvxQptpMfinm7SwvJGxVWQesv_OT--UO71J1JGbAd-DS-UCagR2PNYWsClBdZAHMyJci86ze0x7T31aGPbeVifXH2dVACv3wi1Y_WyyedW4PkuDuv6_U_GZDgJ9mKuxn1i5UUXSrUjhmBZzsRlsw0StL-L9LqTLaAbcGsIWhAjDjsmqrUogBYp13gulw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4491194
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D5536,0,0,0,0%26mtos%3D5...
ade.googlesyndication.com/ddm/activity/ Frame 41F7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D5536,0,0,0,0%26mtos%3D5536,5536,5536,5536,5536%26amtos%3D0,0,0,0,0%26mcvt%3D5536%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5776%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D5%26pst%3D1%26dur%3D10645%26vmtime%3D5871%26dtos%3D3188%26dtoss%3D3%26dvs%3D3188%26dfvs%3D3188%26dvpt%3D3188%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3188,3188,3188,3188,3188%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,5536;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554;ecn1=1;etm1=0;eid1=18;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 41F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8n7l_kw0YsOwNMmFoPMPg82D2AaVoeP3aO-5mNO3D8_ptfDiJRABIJS60ENgye6Oi8CkjBCgAcq4i7AByAEFqAMByAObBKoE7QFP0PdQJtFqS_0Tx0Y7tTd7jH9Eu77mOhd9FC18w9lwWz9NxfkUNRA7pzFK1VfuJmYDzNCBUMQ8_WyxpHT4pp_Ys-vV-ucupgtleJIrSO2dFsNuuTB9wGUzaA1LMAR9UoPvEkXcTWCSGuqkRzsfN_LkF78tkGydhqw4KBN3oOsdF3d_l84NBJ9aDPctCFQnKd9tvEwsg-teiGHGdaaoKlBPV2myqw_OnZgJw5Ve6IOAnmJxTJJthJtWr-Fei1Y50NvO9SMSeV5BqfjqSy8lvOs5DafN0hy6ndjl0mf2PeeJA69DBLCCyl0RTRBIxvPABPa7o83wA-AEA5AGAaAGdoAHnsf0zwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBO8t8AO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=8nGxUEKH_1g&label=videoplaytime50&ad_mt=5872&acvw=sv%3D20211103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D5536,0,0,0,0%26mtos%3D5536,5536,5536,5536,5536%26amtos%3D0,0,0,0,0%26mcvt%3D5536%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5776%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D5%26pst%3D1%26dur%3D10645%26vmtime%3D5871%26dtos%3D3188%26dtoss%3D3%26dvs%3D3188%26dfvs%3D3188%26dvpt%3D3188%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3188,3188,3188,3188,3188%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,5536&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame F5EF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame F5EF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F5EF 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame F5EF 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame F5EF 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=U6eF5dJUYlg82UphfgbkcKoPGgkaXFh-6p3-UypWp0fDxWkoAJVJzKggfLEcUOmNNReaUxqfH0dY17phrYYDTkLcjnRiZepoxRSTdC7D9_-2CJ0GLw1jhpl7mxDviwIzX_8M4AGcN1wl2aPBQHpf9Q_k6tnKP3w3LEFsF_OBOC8xsIU-7ZCcTeyhAlxuQYuzTs4YNvFchZBZ3hGAHa21nlDHl0jPwkN4CcPyLfbvKy17eD4ZjKiYW0l16TY7kQSfDuMOSaNK-9oJP_zi8TbLBA1BiZCMb9o5-FF9tetoXMPlqjunDi_pz3NiU1-SxqaUcqemhl5UZas0EsbN04IxK89Z1x3gkljpXSwqA70S1M1q8PSHuybVAE-5BecIbq_g-2_7nl5OEjTZ1WHgwuqMMKYOVdIWHykiiXavzrJws1J3f4W6pq5X9FYfujCO6ZIxTo-N-JXWERZF58TZ4t_Ho8ITNuA
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2856070
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 42DB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 42DB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 42DB 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 42DB 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame 42DB 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=vlH_j9JUYlg82UphfgbkcKoPGgnhW5zDMpYkGVFnvX-1N1nHRO4AXn0jIiIgOcMakLIP-dOVc1qc3o8LuADG0caVDsz3982-WIescTLcJQUPXa5KsOKUO126hcpGGGOI72HZ99_xTYwPC3QPG7-cOAYVAdi7AH1ss6S_m0DageE2utJbQxUmsIjDmyQm1vSmfe548oUzVFA3oDxK7nxzkTb1zDKUupYc_dopHW9ZRiw7Gfqpw_rA2raWZZ3Jqs0hH2QQLP7v090JByFvLliRKHNzQC9HRF0DoDf1kdWol2vAMBw6xuMmfK6Pv4SEyFleaCz5jwX0-hJrSAUmhHJXSD301sxqFXLQIYh83Ill4t_qqtzPnMCEdXQBz06FDeuFjhUnlHYJ8L6pP6sPT57zHfuCj2zor6UMkyZuRzv8EFDVGzm2Ug-yfhtVyTQJVnET0qKTjMfdxrrc96P7MbI3wCWu1FE
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4492795
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8724 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8724 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8724 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 8724 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame 8724 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=snLvFtJUYlg82UphfgbkcKoPGgkX0fuC3oCO58KcYB9h-ktX_GgTwoLBWlpNgM6iC7KpQjwlUhZlaNbwzocIHNyMKDL9BvPJiWye7syQMsQVwPVzmno50Map7QTKJyPdj__Xfldg-JYlRAyXdu11ovWXPQPsFIl5cP4nUceaRWMId9wCpdM0_xUuWolafpnkx_jJiYaExWSHUqSftgs3vE8oBwvs1r92-MZ1d1RrRcfeTHIv5yZKqrhtFcboHshWGdskZ1dBkvE8vBj8U0OAFmITa6fnwiIlBskbvtDSLoaZK0fGR-aUZU_qVsjbE4PrSup1rWVm7hAeXwaLugPumnY8Ud3yDRhVGQ9WCkAJ5xLqjtK3CpwbGb8RuR_a_nIeVQjL-mwYEbizY9MXror1W_U5NGbysYfKA67TX-qUIBS5ECCnCewzz5kvRTe1eyt_3vscZbE5XKQ2E4ORSlbIYjbmrhs
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2122260
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 45A5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 45A5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 45A5 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 45A5 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame 45A5 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=6weFpvgfItEaXTTpoXUIrMWJyf1epav2jBi5wj--5g4RnpzlCDZ-CuqeCvNPIjZJs0Ch-WbArSrHxYBa3D4CacOsnnXz3xPf5s9VJLzQMbWPUivaS_N1b32STy6YDpNakGNMKQ-Wi-7ebxFIjOBST61aZRo5LZKkv4gcrlxcKNWqekVX06bX5jJyZ44ov_snIx35MpsPmMJluMRPieZz2_qfkYyN2YEp9MZwY7e_4xJ4fkfOvml0UMe1PSIwJVJwOI7qGvksGCkDovESakhE0j8EIIKqvhxTjMk7bAnSdyNh2ORCVvYEnfbeEKT4awMpxXkN6HhjKd1wyB2VQU3nQFrfAfvbYKatv5F-atqvvGXS4MYEEWQMQTQ6n-oookAlhvaLby5uc750WwddAh7Bd0pkVUQxBTjdKbCwshDPcTAEtmTzWqqZEkkKv_VrSQB1xvXpsc18icnaWCZNr6L9961Rb94
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3758134
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 999A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 999A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 999A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 999A 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame 999A 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=9wskw9JUYlg82UphfgbkcKoPGgnwhS93vfpD1gCvz-BAHWCD1tqcm9eZaYkyiFr9NEsIabHQDciti_aR_kp1SG76V4i_gGasJTfbWVmScPfNlgGGBfW0JMMftniocNsTu3kJAKNwx9oDpzY4Ae3AIwekatuqLjyqOon_ToPyPwI3rQDiMxZWsv4rh5if2jxWaDhZqindrL8kCLediBfLqEjiULpg2-8UBWxJBRYohNNjbVUwq5qdYZ6k2Bf9K5PM6jiGr7XklA23xy9SI8exRMfo3IGKLTnxpc95sZX4CdQ2lNkNuePhgJdmCZuojJaCCXvU7M2qqt1OPY8Fg-BpKI2ZTXmjmPZg4o4lDCMjdythJ5xFUSxUOmOZVH7T4BEgcjW-SyRxchhlhdRzrpLGGGRbrop46hRtHlCRVhs-G4EtLV0WBlmuhUNT5A67UGyD8oZnKhmRO14elXvDu37OiSW8YlU
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2794329
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9E96 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9E96 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9E96 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 9E96 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame 9E96 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=QZ_3oNJUYlg82UphfgbkcKoPGgm7Jost8TXRshhdGjepqu182jmr7jOxv7qqTH02ZS8UazQ53mrwmOn-Z5T7LLsiGMyxn56P9pUljbTyjCkwDWrsrJZ0KJSRUcf7-IgBF836n6isQ1WliUU03XM-h1sKuOSaTevxnOjfkKLXFwacdlxK30L2w6m_wXpZ0MaHAjOWRsOJ3K6Oqb2xgIx3tW10LmNhNqf4GKnXi8h-1hw-2sdrpNWwkG4ZyuWnZLI6m8Rtf09PnQ9oEBszMVaUiYW8lrya8zAvH1FCv5F1Ku3kvzXMGNVK3a59Q-5ntCkQKpN8vt1VFAWYHPA_QB6NZ_xLD-KXzwDr5iLC_F_aHlVZZlSo1CdvGTg77GxdGdENbH02t4ZqUl-t7S4QxHccQdz6UefwueHuCETcB757Yn4zEvN3Pi4WtM9Wuhuo6S6a38lmNEp2PkYHsNFciqK_mo6HrD8
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3460367
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame EC20 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame EC20 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EC20 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame EC20 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame EC20 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=ht4y5dJUYlg82UphfgbkcKoPGgm3oSXFisiAhk2PcJUF04XRobiuodeYNQhXaePaV1ZY3pF8rx_k0wE37ctzxkw9rwruPakAgDiMvvplph2fh96ohOlO3dHKI_k7PhpDVGng_cyJ2wOf_yN2L1b8kwgh7o2gjnWsVAPgrvuHVWkm7zEGS2eDjPl168JXBVNSXeDh1M70I9WpOx0dvLKFMI8Od4S-LPH_HuJG7UYxCoGwIyVu-KTtSsabSdMPvi0s5e6U7bSfLrzQfPk5yKxeE5yktE3zsKuUhxiftRnJ8b0HIxfOVaHdFP2KfVBg0glNQMDbqi6daOiV9W1EhYQJZz_3OtpF_HQKp2iQSoQqDzZ_MtTNVykdgfx-y3gzbutkzBFtBNyS1tR-uNiERXWwNtkfqTmK4yUOaC2trCytpS-ZexNDayEbx8g8aYabRkqmVascb_bOtl081-HchwYCYGgpdZs
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2308999
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6DB4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6DB4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6DB4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 6DB4 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame 6DB4 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=UNxpUrcMhiK99DB7lxVRCSRy0tbUw7XMqrvEVBd4V8Pm7W33MLQhrSnGfQNwkLlylYHp-E5wfm-8KLkYYJozxZitipl-CrtSipcmRlQEXaCWl_vOBIFDR3vUtFlVGGyMdPT7NA6OR8cPf4R-b6mbTfNeTe11IFiYUHeXtrq7DNJP3L_KWe8aRHvaQRNmWq55Qt3gCl3K6VBT2P7foNvyoPbMxgI_oS2f_zBBBGFLpMUmtqvWfLL9Ktg04q_n2bbhaxIBtCB9aGNcvLHAWLnoKprGAowWvTT7Mn3CGuFCVhCGC98sRjNdW4VMfPcVTbobMEUhsDgYa35PfqWm3SYLYahi7dtMpIhl2E1h77vNmFIxq3yXnv2SMeZagVk0rldR_beuPYSS9r-WAzQ5WhIHaZF5JtiDefD_TutWttemkGlRPrED2Ys59lUvi9MFdoZuBx3NgUcSjDBnIx8kbFErTCMpEYU
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3659900
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame AB97 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame AB97 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AB97 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Mar 2023 09:12:38 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame AB97 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 13 Mar 2023 09:12:38 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame AB97 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=sD_NcNJUYlg82UphfgbkcKoPGgmuALilP2GJxh6pyUC3wFaOPbjNIgmQm4iZwfnzIxfsD0PZiOoU_jE37t06LwDlMQbgAaujLowY7gBJEqrTDlgnHqBQJ29is-77a5Vcfm18oqtd4LchoCaZRfrxbV84W_JvBJ1hDTfsVywueKHuO4_wvkki0GGrCFpq1owuc12nDb32-h53_GyU4R3imJ4iJA31km5KDLPApLx38M7uuJao8QOX6sD_xF4UGN6VXg8rHfl9Pb9AuCngCJjwWq7mPfFmfTOKPcIOwz55WDW8bL2dXUo1-tUrMw5CJ6MxB0ezKLxz_1os9tKs_D5fOW651ZEBU39yXOfesW3mH8ePZ9ulx5xEP-M76dF9FB4poPThoHNnUJsYhqL2V3EcqMkyPk6uTCuOnKZCj109mdfI4-JsOzJ9IEbPA6sBE3agD9UmVms83n-5Q1UsHg6yQecBFys
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2375391
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 75A4 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=brandcdn01&pid=brandcdn01&cid=0701&w=300&h=250&c=bb6f
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-38.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
EWR53-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
2mBwl62Y380Gb4kxEa6pXOacgqoQV_yHZ9GhcDpp1r7sz67V6TAMDA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
perf
ch-trc-events.taboola.com/dailymail-us/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/dailymail-us/log/3/perf?route=US%3ACH%3AV&lti=explore-more-header-ab-test_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Islington, United Kingdom, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
async_usersync
ib.adnxs.com/ Frame FAB1 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2025736&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:38 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
67a4fda4-002b-4549-97d4-e86df79fa033
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dis.aspx
widget.va.us.criteo.com/dis/ Frame 8EFF 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d0439aeb1e4dca9b65303cb2362
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9248a9868278788fe7cb97205f111176be0987868b00410184df5c67e03d9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
3542921
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
dis.aspx
widget.va.us.criteo.com/dis/ Frame 1884 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d042e6edafa09ace9c23dd4bd84
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ab9503c9aed2b70c9350f49ef1ec18c2bb9c7dc2a6fc53e9c5c6d611637c0d69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:37 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
4437085
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeANgGYqBWATkczBgEcBXGQifCRAFseEEIODwAjFQAsAdibz6CmvUyEA9pzABjGPBApC6mAHNhUPhULxMOsaESmoFKTQBMMyQA5JmEKYwlvAAVsaCGmjwAAyYAO4wAEbEpK4yMvQ0mABuiCmu0kqMStKM0VTRsWi5eq4esoyZ9PTuxTQ0PnLu2AEwuTBxBSZcQbWUVHYANohBEALCvA5SsgrFCt7KsTrTsyDAiNlwxBpQ8KKmWdWIevAo6hoAZlaU7lQAmgBSUADyAKq-cgACoQwJwABbRRiCMBxHQAawAEgBRcQAQTAmDB4BQ5Be7y+ABUAIo0IlY0zA4QAYTkAA1vNlgCgAHIwIkgIA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8AjAzgdwGSkrMB9ZAlhDLgQCbwCMAzAOwBM6YMAjgK4zIS4QEC2nCCD7AqANgAstAKwBOKdJnUx6ZAHs2YAMYx4IMslUwA5gKjdyyeOi3DQBY1HJVq9CZQAcldCGMxz8ABWhnxqZLoADOioMChEMM4SEtLU6ABuBIS8FJSSMvIyubIRYhFR4Rk6zq6SsinS0vTy1NSeDJi+MBkwqM7eyKwcUFUUtDYANgT+ELwCXHbiCgXSHoqMWpPTIMAEaXCEalDwQsapFQQ68GSqagBmFhT0YgCaAFJQAPIAql+0AArIMBsAAWEVkfDAqC0AGsABIAUREAEEwOhgeAyKRHi93gAVACK1Hx6OMAIEAGFaAANDxpYBkAByMHxICAA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwAcADAKwCMA7PWmTMADYD2AnijFAjwCUAGYwYZNGBgBHAK4w8xMjhCr5UInngBOatQAetWtWlzFynBAL9lIFMHj0AbABZGtXR9qeAzIwYYAQAxjDwAHIAgqwwIBykFNFoIPIhNlxQOFDyKEhwzikaWhCJ8G4ATGh4XPJgYfDqeNUwAOb8gok6aCEOoAStWhT0fhVu9JQsIK0CQgBWzShcbPBmAO4wSITE5OVutH5oAG4E27uuPt6ervouBrEnYbuj7roHJhXefn4TjFWgMxOMDW5xaCgETwolB6HAIsxsdggfWc7k8V1olF8bhhcMEIGABCOcEImXgSNahzYj3CUhqolKuwqLgAmgApKAAeQAqlzGAAFPBgeQAC2ouhQYDWIQA1gAJACijiiYDQwvAqkZLPZABUAIp+XVq1oC-gAYUYAA1KEdgGQIjBdSAgA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwAcADAKwCMA7PWmTMADYD2AnijFAjwCUAGYwYZNGBgBHAK4w8xMjhCr5UInngBOatQAeANgPS5i5TggF+ykCmDx6xgCyNau97Q8BmShhgBADGMPAAcgCCrDAgHKQUUWgg8sE2XFA4UPIoSHDOyRpaEAnwbmh4XPJgofDqeBUwAOb8ggk6aMEOoARNWhT0vgBMrvSULCBNAkIAVg0oXGzw1GgA7jBIhMTk8K6utL5oAG4EWzsu3l4eLvqmK2wnoTvDbroHtLRDXr6+Y4xDGEmMBOMFW50aCgETwouk6HAI0xsdgg3Wcbg8V1olB8tDhCMEIGABCOcEIGXgKKahweITCUkqohKOyGxgAmgApKAAeQAqjzGAAFPBgeQAC2ouhQYFWwQA1gAJACijkiYDQovAqmZbM5ABUAIq+fUappC-gAYUYAA1KEdgGRwjB9SAgA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwAcADAKwCMA7PWmTMADYD2AnijFAjwCUAGYwYZNGBgBHAK4w8xMjhCr5UInngA3cjC7S5i5TggF+ykCmDx6ANgAsjWgE4XtVwGZKGMAQAxjDwAHIAgqwwIBykFBFoIPKBFlxQOFDyKEhw9okaWhBx8AxoeFzyYMHw6nhlMADm-IJxOmiBNqAEDVoU9N4ATE70lCwgDQJCAFZ1KFxs8NRoAO4wSITE5PBOTrTeaPobW46eHq6ObtQO1Ets+sFbg85ue7S0Ax7e3iOMAxjjMH0MGWx3qCgEDz6S0CHAIkwsVggnXszlcZ1olC8jHasMmIGABF0cEIaXgSIa+zuQRCUnKoiKWwGDgAmgApKAAeQAqlzGAAFPBgeQAC2obhQYGWgQA1gAJACitnCYDQwvAqkZLPZABUAIreXVqhoC-gAYUYAA1KLpgGRQjBdSAgA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:38 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
dis.aspx
widget.va.us.criteo.com/dis/ Frame CB28 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d04fbb2df27c584966d0ea5790c
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
021ba958849449cfbcb27947a769db166b62686979538f344f2733789a1199ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
3666664
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
dis.aspx
widget.va.us.criteo.com/dis/ Frame 0EF9 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d05fc8555cb18aa880b1cf63d3d
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
36954ee985731b79a86db98aae1687fd2318f99b9e1c5385123a762e7b4bd7b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
7035986
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
controller
ssl.connextra.com/servlet/ Frame 0AD0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_MarchMadnessCBBPickNRollMar2022_300x250&pubhost=windaloop.com&apnauc=3747064854672751328&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FTwE8aW1poj_q4uu2BDaTPwAAAOCjcM0_BW7bgwmNmj817zhFR3KpP-C6Hu2hPwA0XSLyqZJXQVgETTRiAAAAAMnGdgEYKAAAmBwAAAIAAABzT4UTudUlAAAAAABVU0QARVVSACwB-gC4cAAAAAABAQUCAAAAANwA-COcYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21mxOJpAjtqMoYEPOelZwBGLmrlwEgACgAMTMzMzMzM-c_OglOWU0yOjUyNjlA7y1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjUyNjk%3D%2Fbn%3D90745%2Fclickenc%3D&client=NBCSports&dspid=3bc1d7fd2e&placement=DDM_APN_US_Sports_ACQ_300x250&bidid=3747064854672751328&_cb=1805027443
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/NBCSports/selector/client?client=NBCSports&placement=DDM_APN_US_Sports_ACQ_300x250&_cb=1805027443&apnauc=3747064854672751328&bidid=3747064854672751328&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?TwE8aW1poj_q4uu2BDaTPwAAAOCjcM0_BW7bgwmNmj817zhFR3KpP-C6Hu2hPwA0XSLyqZJXQVgETTRiAAAAAMnGdgEYKAAAmBwAAAIAAABzT4UTudUlAAAAAABVU0QARVVSACwB-gC4cAAAAAABAQUCAAAAANwA-COcYAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21mxOJpAjtqMoYEPOelZwBGLmrlwEgACgAMTMzMzMzM-c_OglOWU0yOjUyNjlA7y1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjUyNjk=/bn=90745/clickenc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
626183f205f9f4250cfae2e13d3d00b646dd88f727e91c0d94e24a5e2f131477

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ssl.connextra.com/NBCSports/selector/client?client=NBCSports&placement=DDM_APN_US_Sports_ACQ_300x250&_cb=1805027443&apnauc=3747064854672751328&bidid=3747064854672751328&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click?TwE8aW1poj_q4uu2BDaTPwAAAOCjcM0_BW7bgwmNmj817zhFR3KpP-C6Hu2hPwA0XSLyqZJXQVgETTRiAAAAAMnGdgEYKAAAmBwAAAIAAABzT4UTudUlAAAAAABVU0QARVVSACwB-gC4cAAAAAABAQUCAAAAANwA-COcYAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21mxOJpAjtqMoYEPOelZwBGLmrlwEgACgAMTMzMzMzM-c_OglOWU0yOjUyNjlA7y1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjUyNjk=/bn=90745/clickenc=

Response headers

x-served-by
vlp-cxtadsrv07.connextra.net
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
content-encoding
gzip
content-length
1695
expires
Fri, 18 Mar 2022 09:19:15 GMT
date
Fri, 18 Mar 2022 09:12:38 GMT
dis.aspx
widget.va.us.criteo.com/dis/ Frame EE3E 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d04e4952d5d1b00f23cefd507da
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6dc361964f5593689f4b2d0cd8bd5253ad1df65995648551f77ab5cc314282a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
4100600
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
dis.aspx
widget.va.us.criteo.com/dis/ Frame 1FBC 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d0457b7d60ffac03fc3d185c063
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6dc361964f5593689f4b2d0cd8bd5253ad1df65995648551f77ab5cc314282a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
3579435
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
dis.aspx
widget.va.us.criteo.com/dis/ Frame 5D29 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d059f5bed36dd5e6b579ac23947
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6dc361964f5593689f4b2d0cd8bd5253ad1df65995648551f77ab5cc314282a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
3166011
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
dis.aspx
widget.va.us.criteo.com/dis/ Frame DBA0 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d0570994f1e553fc00d985cf14f
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6dc361964f5593689f4b2d0cd8bd5253ad1df65995648551f77ab5cc314282a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
3874827
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
dis.aspx
widget.va.us.criteo.com/dis/ Frame 5FAD 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d04d798fbb841a1b6b2bc93b656
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6dc361964f5593689f4b2d0cd8bd5253ad1df65995648551f77ab5cc314282a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
4443923
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
dis.aspx
widget.va.us.criteo.com/dis/ Frame 3D08 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d05ceea22777aa43880e89e491d
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6dc361964f5593689f4b2d0cd8bd5253ad1df65995648551f77ab5cc314282a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
4051818
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
dis.aspx
widget.va.us.criteo.com/dis/ Frame 15E8 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=189812&cb=62344d04c061eb2fc49b45618dafb9b8
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6dc361964f5593689f4b2d0cd8bd5253ad1df65995648551f77ab5cc314282a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
5365304
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame D60F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPmZDLw5ckQ0PUJfmbdKkRdcriODkDkdAA2WOR8r_sOQNB441ZzDzpUAIDuAK8gflS_TyxQJcNHSU-bqlLRhCmOIAYnpUgqmHkl0KFF1ZLsrxHVFjiRgZmSB7DRBKCY4JcN9iGiO2riOubP_xBwJwfM4UHf9tXBmEsmjkR_0ss8JiWq22Xq3KNRfGmQO-SgP2G842M8o1UWE8J5K3Jj80Vg1Qt2m_dbhXY2Cykc9jIj1d-J_ksNpBs2ajndrqbpztAu0AGptrwWYe4VWxRY0ZG__UxFi2iM8O3PkTm9fBEbWhms-XuQSeKDSm9mnWEVba7lfD0FnsclQjg8BLVAokxjRGB9WQzFyX4qCEsK4Pp&sig=Cg0ArKJSzLtXsxzMjwDZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Mar 2022 09:12:38 GMT
async_usersync
ib.adnxs.com/ Frame 035A 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2025736&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:38 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
78646906-0e22-487a-bb22-c40262a04f0a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 45C3 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kQpU0iH8q6WBlJCqhuefwMXGP0Xj%2FdQnM4dqyOkupx0EA3Hbrqzv1sdgJAiKcU66rmldnGqcfdybBrtrnQkzAr5Qf4QozsdQFzmBP5USPl17SOkMyaARC1SZntXiGC2HusCaRMURKVlj2felRiHUWzA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd90add97d15f-BUF
expires
Wed, 08 Mar 2023 09:12:38 GMT
animejs.js
static.criteo.net/animejs/ Frame 45C3 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753015
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:38 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:38 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206489
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
all
csm.us.criteo.net/ Frame 45C3 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=GZog376B_In13vMtPWKqmUSF_A53T0HE-X1ODLVlxnBsP7u8P9UQyukYsgVkPqqVyAdqJuC-_IOjPF0qjc74VitWyuqI89Ve_gnjDpRlrBBfbhrYVGH47lEOQeuwvY50HnHMDIjtjhDEEmYtEZOd7AEYZC80EQbvduL-OKrDpRD9v4uijJ0r9lH5K_ra24Co1acctahJblatWbcLeHO0VqDJj4puh2YNFhePGZ4YUUrv49ne90226N1Il0E&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 45C3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 45C3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F69D 		219 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.dailymail.co.uk&callback=_gfp_s_&client=ca-pub-6384385731055605&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/show_ads_impl_fy2019.js?bust=31065636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
15aafc22c1a4a97df2ed4aa0b083a9230757c83545dc8d514a0bb1f304951632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F69D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/show_ads_impl_fy2019.js?bust=31065636
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8EA9 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/show_ads_impl_fy2019.js?bust=31065636
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1f9b5708af11bb55802b40222d3f329e7c83c0ee2ad69338fb7cf3fa62b479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 18 Mar 2022 09:12:39 GMT
server
cafe
content-length
10411
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D1BD 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:38 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F5EF 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7Q%2B6NP8HSjD%2FHBFpAFxSI603ywmK6ZhOubGVHvWv1KlwY5Y2jjNXhgPxarMCzTe8R6NWh15zgUbkJJbFiwVXBxMg2jeNHGNP11kRVLCU9clSvqIFnVR9gazwkKiCBQno%2BxwSl97WjAg5%2F%2B%2B%2Bxp5K5pk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd90b8c4ed157-BUF
expires
Wed, 08 Mar 2023 09:12:38 GMT
animejs.js
static.criteo.net/animejs/ Frame F5EF 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753014
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:38 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:38 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206488
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
all
csm.us.criteo.net/ Frame F5EF 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=xalg7r6B_In13vMtzou_vxSJXMPry1UBiXv_3pXjTm0sTXvusZlagMvsOAwaEbvwT32dtKX82sSBV2UpUYVyqxfL_idV8Ys0yceQ1g70vpKRIFC3DatLV4CvNZ_wL0RvWV2dESrwJjY54fbQyVve2pzyTf0Tbn306yv3QlurwCgZXBo3q4aVhcs_e2ICiMGsDExstZ4Ocrm-3mAfJ1MPNeClIVU_7ekftGrs-Uiy9vMmOJL2NGsf0sZC3Ng&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F5EF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F5EF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:38 GMT
1553
vid.springserve.com/rt/ Frame 3644 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/rt/1553?w=420&h=236&cb=2202484869098693&ap=1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&crossdomain=0&testbucket=56&ud=0&bt=0&sec=1&nc=0&domain=www.dailymail.co.uk&sid=82376%2F89226&adunit=82376%2F89226&client=82376&payid=e108f11b2cdf7d5b&is_inview=1&inview=1&avs=1&vp=100&vw=1&sizebucket=medium&mute=1&schain=1.0%2C0!synacor.com%2C82376%2C1&usp=1---&us_privacy=1---
Requested by
Host: reflex.imds-cdn.com
URL: https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.40.59 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-40-59.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2cc001760e74300e278c2faf46eaaf20553d441d17e5690b6054cd463dfa921a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
publishertag.prebid.js
static.criteo.net/js/ld/ Frame EFBF 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9B08 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:39 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8682 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:39 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8724 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjkDyNNk7Poq2jyv67JKip0QomV3O0QP%2F9II3tmCGocxaXR2Djip8BRI3xkDGE7%2B%2B9FZs9tuicqpGI%2BPefq%2BhRQPpo%2BMU8RGpmyLRqeXhEotMMF35Ekvacd1x0SlAwhFIYNzJbu5N6X%2FZRUNJj%2FNYTr3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd90c2ce4d157-BUF
expires
Wed, 08 Mar 2023 09:12:39 GMT
animejs.js
static.criteo.net/animejs/ Frame 8724 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 8724 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753014
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame 8724 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 8724 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 8724 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206488
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
all
csm.us.criteo.net/ Frame 8724 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=fVwc8r6B_In13vMtBnTmv8ZGvny8x3_uhPkrHr7LsfWvQgg8_ryfSgAXVP704KZHIYepdYhlCSQESeMbWwvuVFc6HiLsHfuAesXuMKhvYhsd_K5h3a3LcLsSg3Rj3rK6H68PT83F4PhUNqiFKcBGaozSRpBNN0f9Y_L1kAuMdkZ8fuVmkBuZ-iEUhuDLgdEObZNAZlxwLWUtx0px47pzqOY1Ja-Oe5u0Qcj74Xjj8r36jEu-nHsySASg3DI&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8724 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8724 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame E82C 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:39 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 45A5 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l63%2BIHmzJSfcZ6yhm908DYDGuzoOgU65espEqdl%2FNThKD7T1x9LlPRQcuVrTBSwdRTJuCtFJsHEpHQ%2FD3nb1XFVpdXB144Wa07MpWhEX4Q5pAGBjrvfeMO9RoMn05TyJQUxQNKdO91Q6GwwKj%2Fe4zyhv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd90c6d08d157-BUF
expires
Wed, 08 Mar 2023 09:12:39 GMT
animejs.js
static.criteo.net/animejs/ Frame 45A5 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
3700b9dcaaed4b3bb87e1f10b071645a_cpn_300x250_1.jpeg
static.criteo.net/design/dt/11589/220315/ Frame 45A5 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/11589/220315/3700b9dcaaed4b3bb87e1f10b071645a_cpn_300x250_1.jpeg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c784ea6897ad3d3cb8fdd3d56b13fe3661ba7f955b271d17e17d60bf7813579e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Tue, 15 Mar 2022 20:03:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6230f102-5ee0"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
24288
expires
Mon, 13 Mar 2023 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 45A5 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=11589&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F11589%2F190114%2Fca8377a539444de8a2c074a7c96b152c_lig_logo.png&v=3&w=596&s=Li2tTvi6QyU7DrarvYTHOIi3
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
918addfec5ade009e30257c082b026d4f3ba88b48d371bc470126dff70bdae77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28765652
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
32850
expires
Tue, 14 Feb 2023 07:40:11 GMT
img
pix.us.criteo.net/img/ Frame 45A5 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11589&q=80&r=0&u=http%3A%2F%2Fimages1.lifeisgood.com%2FWomens-Pay-Attention-Cat-Eyes-Crusher-Vee_71914_1_lg.png&v=3&w=400&s=kewbg9mMMBXkZa7vc06gSjLH&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7e3f757ff82d2f8ac1d666d24791051118e659ff029683cef72393bd239fc7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
76734
expires
Fri, 18 Mar 2022 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 45A5 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11589&q=80&r=0&u=http%3A%2F%2Fimages1.lifeisgood.com%2FWomens-How-to-Train-Your-Human-Short-Sleeve-Crusher-Tee_91349_1_lg.png&v=3&w=400&s=WpItEm5vAZlWaDa8ZEp9Lz6q&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4a02cd5cf702c8ea523a628ccec6b30f8e3af81535086738dc5b13178b95483a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
80504
expires
Fri, 18 Mar 2022 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 45A5 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11589&q=80&r=0&u=http%3A%2F%2Fimages1.lifeisgood.com%2FWomens-Here-Comes-The-Sun-Evergreens-Crusher-LITE-Vee_71862_1_lg.png&v=3&w=400&s=VhF_uhtn5nXPG5ONd9j6vfzE&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a479bfd5d75d479b2009eb8f7930e1201ea9751106be5754697709009b6688e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
63984
expires
Fri, 18 Mar 2022 09:12:39 GMT
all
csm.us.criteo.net/ Frame 45A5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=ZB942r6B_In13vMtKmoFPCyKliKwu7L9MtNuU6dVAk4KmnGw8D8LeTRlDRAMIP5CJ42bEiNk8JGQMOLV75s6-bl2tt7QLtOdyCbhFMR0T-xps_ICogAQGCUDiOX6LQSGwzqZ1WvGNjBJ4WYfz-EsXmwc4cd_MNbE4UEx1FHTcJQyueRGef1sweOx8fFd0SsU9RX1Ini9gCN1WfJnJPx0Z2iUKf7q7ouUq8M_djDTG47ih0qpEsetaE4JABE&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 45A5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 45A5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 999A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOc1nzhNIUzgxKskZOG%2FR5pgFZHmvQCGTlGC8k7XX13fjycozGw6bihXbHdb5RQDftAxMEr5WCbr4O2zyYC%2Fne7gXoJ0m7Orez55CSI2Y0SGN5dXqtAzV8vSieAK33jkv6I7a5%2FdWe5knpBChDvAXI1s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd90cad57d157-BUF
expires
Wed, 08 Mar 2023 09:12:39 GMT
animejs.js
static.criteo.net/animejs/ Frame 999A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 999A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753014
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame 999A 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 999A 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 999A 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.52961%2Fw.900%2Fh.900%2Fpiedmont%2Bglobe.jpg&v=3&w=400&s=_STy3fdzdmMQOLQF1Da6toSm&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7181e1efc36f70e4c24bbf537a3bcb3474b419b8967c58c3e062cd02d15b402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=115997
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15476
expires
Sat, 19 Mar 2022 17:25:56 GMT
all
csm.us.criteo.net/ Frame 999A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=dD7rnr6B_In13vMt5mQ5nPWMgEF9m-48JHPN2QVaZ9tVEYf25E_g6-reJNpZcisNV6BohWw4hY8sZKjnT2ShFqvL3jWlo-RHu3KQmD8G3MAJT72rgOOGB2WDCJmUsr8NV3gZF4MrVBFjr7CJOwHDWgEw-cz4IQS-3eyhUpGtBbck8HAGLfqf1vLDJ92qlnETih0O2-YAd5eJGGSyrTRT8tt1zlqT-_VdMv8ifdSXYop9v1RX5qKs5KxIOpM&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 999A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 999A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3C24 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:39 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9E96 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5U0b9fS5Z5YVKWZu9WEWWJYMVsJkpn8B8ksleeRTwafsVVCKl%2B9PnQ%2BgoHZTg6zFRJ%2FSvb1Y1CuzLKTikoUaC%2Fj8RVCR9VmVRUgAwadCO8C65R9CuBTwnoMT%2FcVRmeJ6Z%2BnE%2FjiJmomds6mVzf62E5Wf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd90d0dafd157-BUF
expires
Wed, 08 Mar 2023 09:12:39 GMT
animejs.js
static.criteo.net/animejs/ Frame 9E96 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 9E96 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753014
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame 9E96 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 9E96 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:39 GMT
img
pix.us.criteo.net/img/ Frame 9E96 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.52961%2Fw.900%2Fh.900%2Fpiedmont%2Bglobe.jpg&v=3&w=400&s=_STy3fdzdmMQOLQF1Da6toSm&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7181e1efc36f70e4c24bbf537a3bcb3474b419b8967c58c3e062cd02d15b402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=115997
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15476
expires
Sat, 19 Mar 2022 17:25:56 GMT
all
csm.us.criteo.net/ Frame 9E96 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=d9Pm9r6B_In13vMtyHbL3YLNswDk7u_5KyZPq2F5JDYZTmr2nVA8McLjIR7kdwRatr6MT3m2WfYvoSj4RR_M59n36zSW7a2unGSB21fQzidMLUnY6t_QTPV6lnqf4KImBWB81K-OO26Dx4rEJZdPria8k3wyIgFiVXie32FTsRSm2iSezLmmiTLuA-kZ-_Xa7t9C0tHzshoXxh5U8hfBVjDniNFqB_nsie0ZKUL32JJpRFt3aBPDe7xe6Z0&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9E96 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9E96 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:39 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D683 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:39 GMT
track
trace.mediago.io/api/bidder/ Frame C89C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/api/bidder/track?tn=39934c2bda4debbe4c680be1dd02f5d3&price=6ct17eDb00eJ__bOMkMauKpXmyt3H5XwA24ceIJIqno&evt=104&rid=bed87275e6125c2c999e18fb9d4bc084&campaignid=1143620&impid=44-dailymail.com.300x250-1&offerid=6237641&test=0&time=1647594756&cp=NaS8fXLu2yKrRz18KqXw2BzeEkFCkZ1qiNofSCKAn_4&acid=565&trackingid=8ccc0cdaf88c6f32f4ad8208f4dfafe6&uid=6359460436251910749&sid=12__1__61__24__28__41__47__59__38&format=&crid=685c3f36bc2955a7f529d0e3226c1fd1&bm=5&la=en&cn=us&cid=1364637&info=DQaGAvFQHNJwBKk4Nra3ZKj_k476zFUCgcbI55Y4CrGnSY8voZiXwHzQz3Nw_idb&sp=6ct17eDb00eJ__bOMkMauKpXmyt3H5XwA24ceIJIqno&scp=NaS8fXLu2yKrRz18KqXw2BzeEkFCkZ1qiNofSCKAn_4&acu=USD&scu=USD&sgcp=NaS8fXLu2yKrRz18KqXw2BzeEkFCkZ1qiNofSCKAn_4&gprice=6ct17eDb00eJ__bOMkMauKpXmyt3H5XwA24ceIJIqno&gcp=NaS8fXLu2yKrRz18KqXw2BzeEkFCkZ1qiNofSCKAn_4&ah=&iv=0
Requested by
Host: windaloop.com
URL: https://windaloop.com/r/p.html?f=ctkglnf&e=1556073704375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/plain; charset=utf-8
publishertag.prebid.js
static.criteo.net/js/ld/ Frame EF0D 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:39 GMT
6213c51aebd23_300x250_loader___694c593housecrafters300x250.gif
ad-resources.brandcdn.com/ad_assets/s/v1594328/ Frame 859D 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-resources.brandcdn.com/ad_assets/s/v1594328/6213c51aebd23_300x250_loader___694c593housecrafters300x250.gif
Requested by
Host: ads.brandcdn.com
URL: https://ads.brandcdn.com/html/1594524_300x250_6213dff0931e6.html?fas_c=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3De923d3a7-f3e2-4649-b0ed-1bb25a32adca%26ag%3Dot2xv3l%26sfe%3D146bccfe%26sig%3D7y-Y6Z8yGWSEBBUOmeXtsQGOf42TKD7uwWBCtTHbQFo.%26crid%3D0ngdwb3k%26cf%3D3073917%26fq%3D0%26t%3D1%26td_s%3Dwww.dailymail.co.uk%26rcats%3Dzm4%2Cjba%2C7sp%2Cusw%2C5rf%2C7gr%2C3c6%2C2gy%2Chmy%2Cy29%2Ctmc%2Cd3i%26mcat%3Dttd-ct-52765%26mste%3Ddailymail.co.uk%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dtriplelift%26uhow%3D125%26agsa%3D%26wp%3D0.5%26rgz%3D14202%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D376%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D6.69%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTE0IgdCdWZmYWxvOAFQAYABAIgBAZABAA..%26dur%3DCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQo7Ch1jaGFyZ2UtYWxsVFREQ3VzdG9tQ29udGV4dHVhbCIaCNr__________wESDXR0ZGNvbnRleHR1YWwKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3D4ljBsE%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dtl_ltriplelift%26ipl%3Dhd_97758%26ict%3DUnknown%26said%3D16836037779496610436190%26auct%3D1%26tail%3D1%26r%3D&oid=55952061&fas_m=aax-us-east.amazon-adsystem.com&fas_r=&impid=e923d3a7-f3e2-4649-b0ed-1bb25a32adca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:2400:3:1de0:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03624127a6b5730f2eef60824a391fb3cc809524722d12e6b975139deebb31e6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.brandcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 00:48:19 GMT
via
1.1 1e50ca9ac269e92d749f11227b12760c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Feb 2022 17:00:11 GMT
server
AmazonS3
age
30261
etag
"af438a643f623b86e12dab8c99509c71"
x-cache
Hit from cloudfront
x-amz-version-id
E8nwkk0fjbJUPusjaN8dubzK7hLrXKqv
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
image/gif
content-length
105843
x-amz-cf-id
8O8JRC4jVAcM6lXhgtoqRMlN-QSwQkdvTAyxtb-xjdjmj2frh9B5zg==
vevent
nym1-ib.adnxs.com/ Frame B538 		0
831 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QLEC_DtxAUAAAMA1gAFAQiEmtGRBhDg9fronvSPgDQY3cTIz6ry1aBYKjYJTwE8aW1poj8R6uLrtgQ2kz8ZAAAA4KNwzT8hBW7bgwmNmj8pNe84RUdyqT8xAAAAQOF6hD8wyY3bCziYUECYOUgCUPOelZwBWLmrlwFgAGi44bkBePnEBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA1NzAwODE1LCAxNjQ3NTk0NzU2KTt1ZignaScsIDY1ODY1MjcsIDE2NDc1OTQ3NTYpOwEdBGcnATEUNzM3NDEwAQoENDcuHgAwcicsIDMyNzUwMzczMTYfAPCLkgKFBCFHbVZvMHdqdHFNb1lFUE9lbFp3QkdBQWd1YXVYQVRBQ09BQkFBRWlZT1ZESmpkc0xXQUJnN1FWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFReG02aXNsY3FrX3dRRU1adW9ySlhLcFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUdmZ1pJRDlRR1VrNjg5bUFJQW9BSUJ0UUkFJAB2DQjwVXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU1qWTU0QVB2TFlBRTVKejhCNGdFOTV6OEI1QUVBWmdFQWNFRUFBBWMUQUFBREpCAQcNARgyQVFBOFFRDQ54QUFBSWdGbFNtUUJaZXdVS2tGUWJlWE5FYnI3RC14QgUnVENVZXVnX3dRVTBNek16amRMZlA4a0YBOxx3TW9SeGpfUgkoCQEIMlFVCQnAQUR3UC1BRjZpYndCWUxKX1FmNEJjXzUyd0tDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCagFeOE16TS1jX3FBWUVzZ1lrQwWACQEARR0MAEcdDABJHQw4dUFZS5oCmQEhbXhPSnBBOgkCMExtcmx3RWdBQ2dBTVQZbUxPZ2xPV1UweU9qVXlOamxBN3kxSglzFEFBOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDAw0QUlrNXz0DgE4RDgu2AIA4AKbhU7qAhxodHRwczovL3d3dy5kYWlseW1haWwuY28udWsvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjUyNjnaBAIIAeAEAfAE856VnAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWosRb6BQQIABAAkAYAmAYAogYPMTAyNjQjTllNMjo1MzYxuAYAwQYABTco8D_QBqkl2gYWChAFEB0BWBAAGADgBgHyBnIIl7BQEmw2aEZQRkUwIV7YREFBa0NCUUVJcy1DTUNCQ2IwYnNDR0l1V253TWdCeWdBUUtHazNRZEl0YVRkQjFEdkxWanhLWH0TEEhnQWdRHRBsSWdCQUpBQkFKb0JBZ2dBgAcBiAcAoAcBugcPCAWKRCAAMAA43B5AAMgH-cQF0gcNCQmrBDRAAagI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=2f8474fcfff67a7870db3e04eee767c6a686c6e1&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2140665411369492194&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24561353&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:39 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
32251dac-b433-4103-9895-e88f4eaac0f0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F244 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=1123969779730784&rc=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 7266 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:39 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 287C 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:39 GMT
async_usersync
ib.adnxs.com/ Frame 9F4E 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2025736&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:40 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
33f53bfc-195f-4748-a777-1518439b5a9b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D6D9 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A92B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9rv0CCg7WDlPA_m1YpcojeGBPaQ1gVjUQtWgFEr3PUI77J6XhosocD9r-MFStkPEeMZv-0_lQp2jvLJ8B15Qjnc4YF1Omjofr2EM_AWO1RKZfYSPG&sig=Cg0ArKJSzDAEATFTY30-EAE&id=lidar2&mcvt=2367&p=25,8,275,308&mtos=2367,2367,2367,2367,2367&tos=2367,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3104278707&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594756813&rpt=940&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5BE9 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:40 GMT
noop
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
176 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsf-tm.everesttech.net/stats/1/noop?event=adLoaded&sessId=undefined&cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&mpKey=btXxJqnWClDtkAjBpZEd&psId=3ULOuOEPIKm4jjXMIVZG&feedId=btXxJqnWClDtkAjBpZEd&rurl=https%3A%2F%2Fwww.dailymail.co.uk&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&price=55FC6852F576BD07&apv=undefined&rt=HTML5&smpl=1
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/vpaidjsproxy-20201012.js?feedURL=https%3A%2F%2Fas-tm.everesttech.net%2Ffeed%2Fplacement.js%3Fid%3DbtXxJqnWClDtkAjBpZEd%26tm_auction_id%3D253e6929850fcb43f736bb21ed8cc5e61753a6d7.1%26price%3D55FC6852F576BD07%26bi%3DB09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8%26PG%3DF%26did%3D%26didtype%3DUNK%26barefeed%3DT%26rand%3D1287238716%26seller_id%3D9929%26tm_user_ip%3D59dc12607309f79a1e60d0976a501731%26expaId%3D%26q%3DH4sIAAAAAAAAAGWRv08TYRjHuTug0JhAmpqYxuFsoinEXt_73YMBWwqltNdWjv6QmJj78R592-tdeXsHxREHo5ssGhx1UeMgm_wNxuhkdHWQqANhdLKITj7Dd3iSz_Mkn-_kD_3w7dfO5dsXjadPrsYej4Vn_d0eZDY9b9OBeg_1GdPrpgxkWRAzGUuDeBviNbgVwL4fOR699OYLGY8afnOwuuU2Fp2c38m0s72NJSvx_sUBwUXxRloI6qhQ8laU1nYlv9zsqOnP9z69mspGg2qx3hDbdk7Car6sqG65eXOfwKp3FzmOnhIZQCcayLW8nT5dXqdZwIB5eriQhHl6IAkzdKbXc2ADGkXkp0ReZniJThRX1tXSddpBHUjnodnxZujFFva6MKUoDGCEtCAwIktruq1j9Jc6IGhRsUyWk4DMA8WWFZ2FErCAIku6CFiZZ4-IWU7koaRwSloEtmkIvC3zkmFwLLTSpilCiZVFXpcsmWG_E-mJbw-oSJSvlSpBZalaKHaFdrupFuob-diUpSNntzuMoVsm6NAEIJRnzz8yJ9ceLZwSo8rwxy8imm-VAvcML1TkDG6pSN4Y7JHT0G95fSAne9izktu6tE9OY99InjeUtBHu-y_J0T7y4SEZCtyO6-24p2Qi_B8YGT9n4hd4BiS1cqaqrVTW96hCOIQDA5meO_3uvhCjaloufhYzI3_mZGGOQt1ell4eSl0a-BC7ulPFyIRr51QD-a0i3O1XJx9SIwfUv2OH1ES9mink7qxqRxQIkzUtQpZvxSiRFeKhbGDbuuPNjrECBzhufLlWKhWqcyE1M3RWzt0growcE69_fkhpvwEVHYwMsQIAAA**%26psId%3D3ULOuOEPIKm4jjXMIVZG%26page_url%3D&cpKey=rZ84uViILoH9hvOGFXkM&mpKey=btXxJqnWClDtkAjBpZEd&adKey=uPKVW5jfD6rMGN9MnNXQ&framework=vpaid&psId=3ULOuOEPIKm4jjXMIVZG&cd=%7B%22zip%22%3A%2214202%22%2C%22fbd%22%3A%7B%22ssb%22%3A%22F%22%2C%22psb%22%3A%22F%22%2C%22pd%22%3A%22dailymail.co.uk%22%2C%22mpw%22%3A%22401%22%2C%22mph%22%3A%22225%22%2C%22aburl%22%3A%22%22%7D%7D&price=55FC6852F576BD07&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&PG=F&pt=imp&cpId=721054&plcId=2528462&mpId=44337&adId=4118135257&psIdNum=50407&iasMon=F&env=site&conn=null&videoURL=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fpfadx%2FN1375681.3261625ADOBE%2FB26100003.326554515%3Bsz%3D0x0%3Bord%3D1287238716%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext%2Fxml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bamo%3Def_id%3DYjRM-gAN66WnSAAy%3A20220318041232%3Ad%26s_kwcid%3DAC%21uPKVW5jfD6rMGN9MnNXQ%21rZ84uViILoH9hvOGFXkM%3Bltd%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
via
1.1 varnish
x-pt
P=317
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18156-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:40 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C08C 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:40 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C95D 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jikg8h5HM1hfjjpLd9Xok7oSKixrUZneSXQ5anfA81FcNgR%2FWOW0qQu4KTnYE1bksYAAgSkyi5G2LopiSLF6fU6tklsQJGmVOpxmX7WAhJeE%2BXhK1NKDn4wiO5TVdeKb5LNrx3i%2BlYGLYPESsrApoDPw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd9136d87d157-BUF
expires
Wed, 08 Mar 2023 09:12:40 GMT
animejs.js
static.criteo.net/animejs/ Frame C95D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame C95D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame C95D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame C95D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame C95D 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206487
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
all
csm.us.criteo.net/ Frame C95D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=n2c1L76B_In13vMtVM4fS82-Xwxgdm7AO95dm_2bHlYfMvfHhbOr4qgSq-di1_VxSb1ZAtRqOUzVC73APDQ1yuQIyaiCR_gwF85qOO9q4JGTJZjRFxntw8cxVz2hghtflJgsrLK5tb5_BUoxm0qY6CJ5FI4IOZfrPWP0WVGYHo6FpuQzvFISydScqV1qN8nFhCBbWDZGwLRxVEMh7Mj-euXKeE_3DLcfu5Ain9fYw8QYTuIvFb6dOmEPzR4&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:39 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C95D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C95D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 6AFA 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:40 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 42DB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVmLQ%2FuDYvboGc2PzFqXCxzMXfzH0qqasSJqo4czfS543lh14BXjX0W3MzSTYZsukmHbYJ9Rm7%2FwzjL6vYjEXWoRiZUtUu1%2FEmvj42SAHp9YXv2so6EzTZsoOX6uUKEwwTHVrJzHFZhkzXZ%2FYiNxe5uk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd913bde8d157-BUF
expires
Wed, 08 Mar 2023 09:12:40 GMT
animejs.js
static.criteo.net/animejs/ Frame 42DB 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame 42DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame 42DB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame 42DB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame 42DB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.52961%2Fw.900%2Fh.900%2Fpiedmont%2Bglobe.jpg&v=3&w=400&s=_STy3fdzdmMQOLQF1Da6toSm&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7181e1efc36f70e4c24bbf537a3bcb3474b419b8967c58c3e062cd02d15b402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=115996
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15476
expires
Sat, 19 Mar 2022 17:25:56 GMT
all
csm.us.criteo.net/ Frame 42DB 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=JsJCTb6B_In13vMtSPBHJC8_YOJWJMcNz9vzN5nrm7ZZu9DESdGchWfc1Gu3E_EAPXQ2dgK3N35I1KFsowHUEbHHyzIyUk7rYv6bQMkLH-osqDmtQZJxAgKuAEf1rGu5n9g-1rpdz4OVJ-yC9hE20Y2F9j2zOsulkIqb5kmFXeF-ZYQhuVTctMjjiHwQ1ismfnBWwH-w-HpnnVAAZ0V61J4JL06oxFFSM3KuhbecCENJeQtjl10qZGEknJc&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:39 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 42DB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 42DB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
load3.js
ssl.connextra.com/services/ActiveAd/ Frame 0AD0 		3 KB
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/load3.js
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_MarchMadnessCBBPickNRollMar2022_300x250&pubhost=windaloop.com&apnauc=3747064854672751328&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FTwE8aW1poj_q4uu2BDaTPwAAAOCjcM0_BW7bgwmNmj817zhFR3KpP-C6Hu2hPwA0XSLyqZJXQVgETTRiAAAAAMnGdgEYKAAAmBwAAAIAAABzT4UTudUlAAAAAABVU0QARVVSACwB-gC4cAAAAAABAQUCAAAAANwA-COcYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21mxOJpAjtqMoYEPOelZwBGLmrlwEgACgAMTMzMzMzM-c_OglOWU0yOjUyNjlA7y1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjUyNjk%3D%2Fbn%3D90745%2Fclickenc%3D&client=NBCSports&dspid=3bc1d7fd2e&placement=DDM_APN_US_Sports_ACQ_300x250&bidid=3747064854672751328&_cb=1805027443
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.133.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-133-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
efa868a96d117a28e0d2d0e338e2b248179d0247cd5e4bfa73363d8001e03a82

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_MarchMadnessCBBPickNRollMar2022_300x250&pubhost=windaloop.com&apnauc=3747064854672751328&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FTwE8aW1poj_q4uu2BDaTPwAAAOCjcM0_BW7bgwmNmj817zhFR3KpP-C6Hu2hPwA0XSLyqZJXQVgETTRiAAAAAMnGdgEYKAAAmBwAAAIAAABzT4UTudUlAAAAAABVU0QARVVSACwB-gC4cAAAAAABAQUCAAAAANwA-COcYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21mxOJpAjtqMoYEPOelZwBGLmrlwEgACgAMTMzMzMzM-c_OglOWU0yOjUyNjlA7y1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjUyNjk%3D%2Fbn%3D90745%2Fclickenc%3D&client=NBCSports&dspid=3bc1d7fd2e&placement=DDM_APN_US_Sports_ACQ_300x250&bidid=3747064854672751328&_cb=1805027443
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2016 14:10:53 GMT
server
AkamaiNetStorage
etag
"743a5e7701b844723629ba8123740a92:1479305453"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
687
unip
trc-events.taboola.com/1125455/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1125455/log/3/unip?en=pre_d_eng_tb&tos=12188&scd=6&ssd=1&est=1647594748165&ver=35&isls=true&src=i&invt=6000&rv=1&tim=1647594760354&vi=1647594748161&ri=0d6da89cdbde260a68eee94a7d7d4cf1&ui=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&ref=null&cv=20220313-3-RELEASE&item-url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1125455/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EC20 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Fl9kJas1KxAAW70UyU%2FWFOcrtKmNy8thXr71DR2kbNqu9Jnhg%2B%2Bv6GiZUd4Gllw8OFt6Cs17efXhV3YFQqPBIGYpXdIHSISFoSCiC6d%2FTmiZMii0TLzipoIM6%2FHNoXTg4gL4JrmUACIpT%2BQLaQ6O4vz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd914cf3cd157-BUF
expires
Wed, 08 Mar 2023 09:12:40 GMT
animejs.js
static.criteo.net/animejs/ Frame EC20 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame EC20 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame EC20 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame EC20 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame EC20 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206487
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
all
csm.us.criteo.net/ Frame EC20 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=k23LxL6B_In13vMtF7A1Vlosp-lp548zp0WNKbY_KSO6NSBF7mnOfTyYjSUBGoqKsyerOgVJBEALxe6Q9NIu-CnnWAH6C_PtttXwvWC5JKmRhl_cO6gWmGfQpEIaoKB2AP26vY8b19Py520e4ppuqsIjKkhAJ43Ysmqo1P5jcqb80Q0CByN4IggT5mxybOwxM_ctvMaBCCm_hJoyEJvMWF14mSeFgpF1Ny_t7dQy7em8dZlCZ7bolzKgaJQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:40 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EC20 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EC20 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D7663,0,0,0,0%26mtos%3D7...
ade.googlesyndication.com/ddm/activity/ Frame 41F7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D7663,0,0,0,0%26mtos%3D7663,7663,7663,7663,7663%26amtos%3D0,0,0,0,0%26mcvt%3D7663%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7903%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D6%26pst%3D1%26dur%3D10645%26vmtime%3D8000%26dtos%3D2127%26dtoss%3D4%26dvs%3D2127%26dfvs%3D2127%26dvpt%3D2127%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2127,2127,2127,2127,2127%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D511%26psv%3D510%26psfv%3D510%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7663;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554;ecn1=1;etm1=0;eid1=960585;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 41F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8n7l_kw0YsOwNMmFoPMPg82D2AaVoeP3aO-5mNO3D8_ptfDiJRABIJS60ENgye6Oi8CkjBCgAcq4i7AByAEFqAMByAObBKoE7QFP0PdQJtFqS_0Tx0Y7tTd7jH9Eu77mOhd9FC18w9lwWz9NxfkUNRA7pzFK1VfuJmYDzNCBUMQ8_WyxpHT4pp_Ys-vV-ucupgtleJIrSO2dFsNuuTB9wGUzaA1LMAR9UoPvEkXcTWCSGuqkRzsfN_LkF78tkGydhqw4KBN3oOsdF3d_l84NBJ9aDPctCFQnKd9tvEwsg-teiGHGdaaoKlBPV2myqw_OnZgJw5Ve6IOAnmJxTJJthJtWr-Fei1Y50NvO9SMSeV5BqfjqSy8lvOs5DafN0hy6ndjl0mf2PeeJA69DBLCCyl0RTRBIxvPABPa7o83wA-AEA5AGAaAGdoAHnsf0zwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBO8t8AO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=8nGxUEKH_1g&label=videoplaytime75&ad_mt=8001&acvw=sv%3D20211103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26tos%3D7663,0,0,0,0%26mtos%3D7663,7663,7663,7663,7663%26amtos%3D0,0,0,0,0%26mcvt%3D7663%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7903%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D6%26pst%3D1%26dur%3D10645%26vmtime%3D8000%26dtos%3D2127%26dtoss%3D4%26dvs%3D2127%26dfvs%3D2127%26dvpt%3D2127%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2127,2127,2127,2127,2127%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D511%26psv%3D510%26psfv%3D510%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7663&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm_:onejs_load_evt@v=1444,onejs_exec_time@v=1,aax_load_time@v=2223,aax_load_time_one_tag@v=2223,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame F69D 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1444,onejs_exec_time@v=1,aax_load_time@v=2223,aax_load_time_one_tag@v=2223,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=bacb9e22-a2b1-4d1b-aab7-4652e397aaa7&session=880303a4-ebb9-44fa-bf86-31cd9ce8125e
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:39 GMT
x-amzn-RequestId
0b9e5bf8-9c9a-461c-972c-26218e0d4b1e
Content-Type
text/plain
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AB97 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bl6XdQI6PzLUEbWAbpLzmceBtvrWE4nEzC3Q1lCnBB1sa%2FmJYVYGEUofQpWyj8SPh057Dd8njbua0btxUlYELKYJEM%2Fgo3nkeo28g23YniByA01fVEK5Wb9%2FIDBTGdRbqKnxf%2BAfV3%2B5YAsIEXdlVR3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd9151f9bd157-BUF
expires
Wed, 08 Mar 2023 09:12:40 GMT
animejs.js
static.criteo.net/animejs/ Frame AB97 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame AB97 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame AB97 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame AB97 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame AB97 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.84778%2Fw.900%2Fh.900%2Fitalian%2Bleather%2Band%2Bstainless%2Bsteel%2Blamp.jpg&v=3&w=400&s=Te5FhJ9mrCc_1bOTnSAksJup&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
10cc8e454acb381275dadc2c3a985ff93db8e8e4522dcacbee15f0c10a10b3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=221756
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2528
expires
Sun, 20 Mar 2022 22:48:36 GMT
all
csm.us.criteo.net/ Frame AB97 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=G2MgWb6B_In13vMtdoxUyV3ffQLfIQulqXq4KCKgl444OdCupp2jvxo7tyHvuw8jQijs9wprgiKBNvUJIiL5R1_vad95ye4vxf-l8TPGpLTdQrsILAOhghkQqLh_tkor_heeBKr5DKJD2gnuDbsoaQkz1g_gmp8jcaH_pCXp8TR8E-ZHKfZOw8tHniCimT4IZu7os4eN89FQ6K12UnQdDBkKBrJoKOTB0tk7Keiu-Irao4aCIm-u_jU7O-E&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:39 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AB97 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame AB97 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
vevent
nym1-ib.adnxs.com/ Frame C89C 		0
831 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QKfD_BMnwcAAAMA1gAFAQiEmtGRBhDB95q006XI5yAY3cTIz6ry1aBYKjYJ4xo8n0MRlT8RhACdVRVBkT8ZAAAA4KNwzT8hhACdVRVBkT8p4xoJJPCfMQAAAEDheoQ_MMmN2ws4mFBAuGhIkQRQhbG2nAFYuauXAWAAaLjhuQF4_6sFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHGh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay-AAwCIAwGQAwCYAxegAwGqA4cLCt0KaHR0cAEy8LB0cmFjZS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD1iZWQ4NzI3NWU2MTI1YzJjOTk5ZTE4ZmI5ZDRiYzA4NCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF8yNwAMQklEXwE2CGFkXzIYAABBCRcFkwwmaW1wAR5oMjM2NDE0NDgwNzQ2NDg0NDIyNSZwcmljZT0kFYfwT1BSSUNFfSZ0ZXN0PTAmdGltZT0xNjQ3NTk0NzU2JmFkcD10Nnd4N0FlZ2s4S2MxSDlyTFVTbGtXd0wxcWJ3TXZ3d0JJRkQ2M2c5YzBBJmRzCXn0QwUyJnVybD1UZFBVZ3d0R2lSenpHQ0lFbHJVUWNIQjg4c1VBMmp6eVU3aVUzRF9pSDYtYWVZQXNiMUN4aDJlSTU1b3VvRWF6ZTFzczFzN1NIUHR2RUhNQ3cybFlYWG53U3dCbE9hZ0hqcHdLeWdFYV8wblk4OHQ5eWdhcjQ2T2kzZ3MxWGhpblJkS2R2M1VpNWZTZndRc29DN1M5eE1tSzdGS0JFZ0RfSDRqMVN6X205NVBSWTdmRlhDWHgyM3l1cnpiRXd5aVFMTGMwTVZmUDFXUmNYaVFMRW5fSHNsa0FDUDViaTBrUy1uODNZcTFTSFlRSXY3X0l4OW13UEQ4cVRqYm0zb2Q5dEU2MUllTTItUGh6blc1U3VHUFZSYWpfNWhQX3NzRFFkdnMtQXVTR0F3SFpGVUwxb1ZCSExCY1M0X0lEUlp4dzloR1lWVFpNTmtZUTd5SFlXR01vcmgxX1lDYWtyZ3pqblBZTmRKQ0Q3QkN3NUZYSWhEX0RfUk5vQWNKWmxNNllaVW8xdUhta3FLZVVUbGRyTDdLbWZPbHZybXlqbnF5RGJ6QWxVZ2tZZHg4OVlYTURSVzAtbWR0RmRjbEpma05yQWZveXZ2WUVtWmZZZnBXNFJtYi1sX1pmd3E0MHJPb2s1aHBLTkF4SnY3MTZfSWQxSFBPMUxPSG1DaGJvUmJVSnBQTlVQUHBiSkN1Mkw4Q0pReVcwZmdhdGdmWjRpMEllYW93ZEZHaVI0R1NkN0U2eDFlZVVDUV9vQ25aMlU4STgzbjF5dmIwNTdxWDVoLWVESDJqV2tQbWx3X09xZFhwZkVMVnQ2R2ZTektWYm94YXU3LVVSZ0ttaG5XTjFxLW51Tl9RRi1NZzdjOHpVUEduXzg0aFJMbUhJZlR1OGxMRE5ueGYxYnczU2dOM1k2VUhkN3VyYnI4aGZycHo5aEhPR19hUkdKZzN4NFFtRENvSWM3MkVieFI2X0VKUTlHd2o1cjZ1RnZ3OG5sX2l5cFBqbDNGY0lYZmc2WE11emZ5Y2ZTWlhqcERJV2JoeWgtX3p2MnBpaFN2S0VObjR1OHpnQ3QxMnNkMkdmNGVHWDYtaFllQ0hiLUpra3JOSzY5NFI1Q1E5Y3cwb1Fsb0swbC1hcHlsTkRZS0dXM1dDSldRY1FET0FlQmd6b2EzOXQ2NnhsMm9LQnlQbXJFOTBxZV95ME1IVnN5aEN6cm4wQlRHbnNoTFNnYVZZQk53V3BMUUVGbWFxV0hyRHFQR3d2M1JDazc1RDBoY1lXcU5rRVpPQmEzRWlxUFhkMDdELXVNak5mVndXMjBQbFo5Ti04Q3ZHVWN6aF8yTjBia0xnGhMyMzY0MTQ0ODA3NDY0ODQ0MjI1IgkzMjgwNDY3MjUqBTEzMzY4wAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIWxtpwBiAUBmAUAoAWww4i8kvbI0w3ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWz5D36BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9oGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBzExNDM2MjC6Bw8IABAAGAAgADAAONweQADIB_-rBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHsfD4BYoIAhAA&s=528bc2363216385e0d304da7c2670604a140a6cc&type=nv&nvt=5&jm=1003&px=0&py=1&bw=298&bh=174&sid=2140665411369492194&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24561353&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:40 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d8373665-a5e4-43d3-8bac-3a3de6d23eba
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame BD3A 		0
831 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QKWC_DtlgUAAAMA1gAFAQiFmtGRBhCP886KpMGdnlYY3cTIz6ry1aBYKjYJmqwn_z2guj8R_v5XVW1osz8ZAAAA4KNwzT8hLFzEa6aYwD8pv2VOl8XExj8xAAAAQOF6hD8wyY3bCziYUEDcE0gCUISnh6QBWLmrlwFgAGi44bkBeJO8BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTI2NTQ2MiwgMTY0NzU5NDc1Nyk7dWYoJ2knLCA2ODk5NTE2LCAxNjQ3NTk0NzU3KQUdKGcnLCAxNzIxMTczSjsARHMnLCAyNzE1MzgyOTYsIDE2NDI9ACxyJywgMzQ0MDUyNjE6PgDwi5ICuQQhZEd1dXBRaVl6dWtZRUlTbmg2UUJHQUFndWF1WEFUQUFPQUJBQUVqY0UxREpqZHNMV0FCZzdRVm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZk5KNEFmcHhNWV93UUh6U2VBSDZjVEdQOGtCQUFBQUFBQUE4RF9aQVFBCQ50UEFfNEFHOGpxVUQ5UUZDSnpZLW1BSUFvQUlCdFFJBSQAdg0I8IF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0l5NHpCOFFBUmdDTFRNek16LWlBdzRJakxqTUh4QUxHQUl0TXpNelA3b0RDVTVaVFRJNk5EazRNdUFEN3kyQUJPRFI4UWVJQk9uUjhRZVFCQUNZQkFIQkJBBY8FAQh5UVEFCAUBGE5nRUFQRUUFDAUBeENJQmZZbW1BWDRzTDJCQWFrRlFiZVhORWJyN0QteEIdOzx3UVVBQUFCZ1ptYm1QOGtGAT8cWUlGRDBEX1IuKAAAMgUoAQHARHdQLUFGX0lvQjhBWFV3cG9JLUFXMnNNRUNnZ1lEVlZORWlBWUVrQVlCbUFZQW9RWQE1CQEkS2dHQkxJR0pBawkQAQEAQh23BEJrARIJAQBDHRhETGdHQ2cuLpoCmQEheUJBUXJnOj0CLExtcmx3RWdBQ2dBTR3dTE9nbE9XVTB5T2pRNU9ESkE3eTFKCV4UQUE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MEDRBSWtCERDw_ThEOC7YAgDgApuFTuoCHGh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdHOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAs5Ni45LjI0OS40MqgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4yNTI0I05ZTTI6NDk4MtoEAggB4AQB8ASEp4ekAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfXJNPoFBAgAEACQBgCYBgC4BgDBBgAAASYo8D_QBpkJ2gYWChABDy4BAGAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADjcHkAAyAeTvAXSBw0JETwBOAjaBwYJJ0jgBwDqBwIIAPAHsfD4BYoIAhAA&s=e5c58252b29f8b230dc3af802e641a911dfabf4b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2140665411369492194&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24561353&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:40 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f85294d0-9386-431a-9018-fcef5e024fb3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame B538 		0
831 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QLEC_DtxAUAAAMA1gAFAQiEmtGRBhDg9fronvSPgDQY3cTIz6ry1aBYKjYJTwE8aW1poj8R6uLrtgQ2kz8ZAAAA4KNwzT8hBW7bgwmNmj8pNe84RUdyqT8xAAAAQOF6hD8wyY3bCziYUECYOUgCUPOelZwBWLmrlwFgAGi44bkBePnEBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA1NzAwODE1LCAxNjQ3NTk0NzU2KTt1ZignaScsIDY1ODY1MjcsIDE2NDc1OTQ3NTYpOwEdBGcnATEUNzM3NDEwAQoENDcuHgAwcicsIDMyNzUwMzczMTYfAPCLkgKFBCFHbVZvMHdqdHFNb1lFUE9lbFp3QkdBQWd1YXVYQVRBQ09BQkFBRWlZT1ZESmpkc0xXQUJnN1FWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFReG02aXNsY3FrX3dRRU1adW9ySlhLcFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUdmZ1pJRDlRR1VrNjg5bUFJQW9BSUJ0UUkFJAB2DQjwVXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU1qWTU0QVB2TFlBRTVKejhCNGdFOTV6OEI1QUVBWmdFQWNFRUFBBWMUQUFBREpCAQcNARgyQVFBOFFRDQ54QUFBSWdGbFNtUUJaZXdVS2tGUWJlWE5FYnI3RC14QgUnVENVZXVnX3dRVTBNek16amRMZlA4a0YBOxx3TW9SeGpfUgkoCQEIMlFVCQnAQUR3UC1BRjZpYndCWUxKX1FmNEJjXzUyd0tDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCagFeOE16TS1jX3FBWUVzZ1lrQwWACQEARR0MAEcdDABJHQw4dUFZS5oCmQEhbXhPSnBBOgkCMExtcmx3RWdBQ2dBTVQZbUxPZ2xPV1UweU9qVXlOamxBN3kxSglzFEFBOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDAw0QUlrNXz0DgE4RDgu2AIA4AKbhU7qAhxodHRwczovL3d3dy5kYWlseW1haWwuY28udWsvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjUyNjnaBAIIAeAEAfAE856VnAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWosRb6BQQIABAAkAYAmAYAogYPMTAyNjQjTllNMjo1MzYxuAYAwQYABTco8D_QBqkl2gYWChAFEB0BWBAAGADgBgHyBnIIl7BQEmw2aEZQRkUwIV7YREFBa0NCUUVJcy1DTUNCQ2IwYnNDR0l1V253TWdCeWdBUUtHazNRZEl0YVRkQjFEdkxWanhLWH0TEEhnQWdRHRBsSWdCQUpBQkFKb0JBZ2dBgAcBiAcAoAcBugcPCAWKRCAAMAA43B5AAMgH-cQF0gcNCQmrBDRAAagI2gcGCSdI4AcA6gcCCADwB7Hw-AWKCAIQAA..&s=2f8474fcfff67a7870db3e04eee767c6a686c6e1&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2140665411369492194&vd=ct~0|rr~6&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24561353&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:40 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fda7486e-4ffd-4efb-93ef-b18b6fed6c5e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FAB1 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2025736&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:40 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cd636e77-73bd-42da-a8ec-96df1ca59c14
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2173 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159335&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 06:39:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame BE26 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159335&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame F2A3 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159335&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 035A 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2025736&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:40 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c1347865-bdcd-4c0c-b18b-336adf90dc1e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D60F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspHz0QP441AhKpKDbOFuyL-abwHALTTEtOkCVaT0F3XKEe3f5Ge78WdzWie2cC0UDLT4iUs1pFboXNeNQs2hGZbhZ27P-PRuKbyRFjP9IVPeoUtJwR&sig=Cg0ArKJSzHzV60Sita4rEAE&id=lidar2&mcvt=1807&p=25,8,279,308&mtos=0,1807,1807,1807,1807&tos=0,1807,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=1282380556&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594753484&rpt=5269&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206487
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
pd
us-u.openx.net/w/1.0/ Frame 0DCB 		733 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
d852839eaa6442310fe47d7eb308384cd32a4612c0181d20052929d7155d7bc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
447
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6BE3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18168-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10514
X-Timer
S1647594761.745494,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1064 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 90D7 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 0DBF 		661 B
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
7c8012200e257e3a5cd6f0d73a78f21d5a240bb5db7c61b809059e2a7320cbfc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
661
img
pix.us.criteo.net/img/ Frame F5EF 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206487
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame AC9C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10413
X-Served-By
cache-lga13626-LGA, cache-ewr18169-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10556
X-Timer
S1647594761.752316,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame BEBA 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 713A 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 023F 		733 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
d852839eaa6442310fe47d7eb308384cd32a4612c0181d20052929d7155d7bc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
447
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sspmatch-iframe
ads.betweendigital.com/ Frame 98EF 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pd
us-u.openx.net/w/1.0/ Frame AAA4 		733 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
d852839eaa6442310fe47d7eb308384cd32a4612c0181d20052929d7155d7bc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
447
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
showad.js
ads.pubmatic.com/AdServer/js/ Frame 80D9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 89EC 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 4F14 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9509 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18134-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10935
X-Timer
S1647594761.784830,VS0,VE0
Vary
Accept-Encoding
img
pix.us.criteo.net/img/ Frame 8724 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame 8724 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame 8724 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame 8724 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206487
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
sspmatch-iframe
ads.betweendigital.com/ Frame 836C 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pd
us-u.openx.net/w/1.0/ Frame 68AE 		733 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
d852839eaa6442310fe47d7eb308384cd32a4612c0181d20052929d7155d7bc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
447
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0D52 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18168-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10515
X-Timer
S1647594761.799437,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame E404 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 320F 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame D6B9 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pd
us-u.openx.net/w/1.0/ Frame D7A5 		733 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
d852839eaa6442310fe47d7eb308384cd32a4612c0181d20052929d7155d7bc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
447
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
showad.js
ads.pubmatic.com/AdServer/js/ Frame FD9D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CFB0 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3560 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18134-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10936
X-Timer
S1647594761.800563,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4544 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10413
X-Served-By
cache-lga13626-LGA, cache-ewr18169-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10557
X-Timer
S1647594761.803574,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D845 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A9CC 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 0821 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pd
us-u.openx.net/w/1.0/ Frame D047 		765 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
1963ca27f082c71ce37f4bc79af8f26d413f83df94e6b694fbbb1281ce2c72f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
456
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pd
us-u.openx.net/w/1.0/ Frame 43F0 		765 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
1963ca27f082c71ce37f4bc79af8f26d413f83df94e6b694fbbb1281ce2c72f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
456
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame DB29 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18142-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10444
X-Timer
S1647594761.815210,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1BB1 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9236 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame FE3B 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
img
pix.us.criteo.net/img/ Frame 999A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame 999A 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
sspmatch-iframe
ads.betweendigital.com/ Frame 7CFE 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8D68 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10413
X-Served-By
cache-lga13626-LGA, cache-ewr18180-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10400
X-Timer
S1647594761.812231,VS0,VE0
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 889C 		765 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
1963ca27f082c71ce37f4bc79af8f26d413f83df94e6b694fbbb1281ce2c72f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
456
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5A9B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F695 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
img
pix.us.criteo.net/img/ Frame 999A 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
adchoices.png
creative.stackadapt.com/icons/adchoices/ Frame 8EA9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative.stackadapt.com/icons/adchoices/adchoices.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-24.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d43759eeb0bad511a676b580e58291166dfc2375212a83fbcdf622f7c39e8470

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:00:35 GMT
via
1.1 151ae48d84442f69dffa181fc68bc1da.cloudfront.net (CloudFront)
last-modified
Wed, 02 May 2018 19:08:42 GMT
server
AmazonS3
age
36726
etag
"a6bd1f0398efa7662720ba282d2012e6"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
content-length
1747
x-amz-cf-id
mTJn5BxOv4nqJAT1bDBzJLiA1Ye11In7KOuXJc3asPXgWz0xYOconA==
dcmads.js
www.googletagservices.com/dcm/ Frame 8EA9 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 18 Mar 2022 10:04:56 GMT
cookie
srv.stackadapt.com/ Frame 8EA9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv.stackadapt.com/cookie?campid=214464&nativeid=1790735&domain=dailymail.co.uk%3A%3A156&auctionid=1-5231-164759475895511090205804-1&impindex=0&m=MjYwMjpmZmM4OjI6Og&isipgen=1&conv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.17.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-17-234.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:41 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
win
evm2.stackadapt.com/ Frame 8EA9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evm2.stackadapt.com/win?aid=1-5231-164759475895511090205804-1&sid=1&wp=YjRNBgANtZsKn72PAAUuObqG4AaAw24v0bhOWA&rid=YjRNBgAOWzYIaASVwAROqg&network=156&t=1647594758&said=1-5231-164759475895511090205804-1&sanid=156
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
moatad.js
z.moatads.com/stackadaptdisplay515602019759/ Frame 8EA9 		326 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/stackadaptdisplay515602019759/moatad.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d80bf2bad8f919f7c28fefbbee6ca0c37afbd11514fc1fe67b162e683dc6c7bf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:24:07 GMT
server
AmazonS3
x-amz-request-id
TWNZDJM509YTCX4Q
etag
"abf0d0b74c82d35752c8a671424ecc20"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=55824
accept-ranges
bytes
content-length
112028
x-amz-id-2
1gUoYuhUCgS15bCKv1/4kMWNnLv3mBlFV0+9vHBuUej+Zs2/Bfjmywtcim+J3Q1U8JQ/3HOVowQ=
saimp.js
creative.stackadapt.com/js/ Frame 8EA9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creative.stackadapt.com/js/saimp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-24.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fde3f58eb5e95a8a7994102c7ea88ff589a6d4196d16257d263a9821d18bbec

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 14:20:38 GMT
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 15:04:41 GMT
server
AmazonS3
age
67924
etag
W/"2217d6d596583f0872b3658df2b8f5bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 151ae48d84442f69dffa181fc68bc1da.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
Gv9e3SZ7J9UuHUSTAKluI-cn62qi3yuI_UhysU3StJjND_yrjDz8sg==
saurl.js
creative.stackadapt.com/js/ Frame 8EA9 		1 KB
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://creative.stackadapt.com/js/saurl.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-24.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f0891439aea7ee7704a8248eaad5b30bb57a37c6d00093f086e8872638de0ab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 00:21:45 GMT
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 16:07:58 GMT
server
AmazonS3
age
31857
etag
W/"b2d0ef851d32cf9bf2dfd7f0c93a5712"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 151ae48d84442f69dffa181fc68bc1da.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
z9Oyx4qSACdEq91G-ixWUeVPP7O-TjjxhE4Z0Bhb-BI4DdZC3-WN9A==
cat.js
creative.stackadapt.com/js/ Frame 8EA9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creative.stackadapt.com/js/cat.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-24.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d51f4eea47f0ab93be7693f749f5528bea2acf65c7c5ef2f6bafa387e66150d6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 17:00:26 GMT
content-encoding
gzip
last-modified
Mon, 27 May 2019 18:22:42 GMT
server
AmazonS3
age
58336
etag
W/"055c651fef8c3097ab8888ef1c2bc83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 151ae48d84442f69dffa181fc68bc1da.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
OpPjjwNzw22K73MnayO3dy3F4SqGo7wgexcn6BbqqyQHm7EFIhr7Hw==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 8EA9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 09:05:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8EA9 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 8EA9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 08:07:31 GMT
pd
us-u.openx.net/w/1.0/ Frame 2181 		594 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
d3980f4268781baf6bfee7879bffa62f8b0e1fe0c0bca609b8d2299aca75f02c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
355
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.html
eus.rubiconproject.com/ Frame 5023 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3FB2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18134-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10937
X-Timer
S1647594761.819160,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0196 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 1BEC 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usync.html
eus.rubiconproject.com/ Frame C1A8 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6C30 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18134-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10938
X-Timer
S1647594761.826800,VS0,VE0
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame A4C6 		594 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
d3980f4268781baf6bfee7879bffa62f8b0e1fe0c0bca609b8d2299aca75f02c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
355
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sspmatch-iframe
ads.betweendigital.com/ Frame D25B 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame F9B1 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
img
pix.us.criteo.net/img/ Frame 9E96 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0345 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 05A5 		594 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
d3980f4268781baf6bfee7879bffa62f8b0e1fe0c0bca609b8d2299aca75f02c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
355
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.html
eus.rubiconproject.com/ Frame C364 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6F6C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18168-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10516
X-Timer
S1647594761.828769,VS0,VE0
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 4D77 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6DB4 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3002396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPJGwe69maqn6RwSF6UTUUTPie%2B2FRLky8sluahbd%2FNHk6eBlzniUFy92JNVuwEG8Y2CTNUSLCxOzPh0TeQiiOG%2Fq%2B2fjnXdNamH%2F06LaO6LQjvarSEkXbqOkYr2SfWeu5FJT1VNQfEtfzvJ5NPllNeb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd9171987d157-BUF
expires
Wed, 08 Mar 2023 09:12:40 GMT
animejs.js
static.criteo.net/animejs/ Frame 6DB4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=68585&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F68585%2F200306%2Fa9a3743ea6284fb28820ab7139eae4d8_rosssimonslogo.png&v=3&w=596&s=Xk3e3muS6qV0y11Y3wGF3tLc
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2cfabba495f8bbc01a2c3d2cdeea507f9d3f806fd60ef24c756f424ba2c74577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28756811
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
34803
expires
Tue, 14 Feb 2023 05:12:52 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-semi-precious-rings%2F928229.jpg%3Fsw%3D350&v=3&w=400&s=mdzXVWQCsyA891nGueOMZtAO&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
79d47ef9c2e4543a78e3f00ad19d4b1c9ffd550f8fb69648d4cdb4cd94563aba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147714
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8596
expires
Thu, 31 Mar 2022 16:01:15 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-earrings%2F936180.jpg%3Fsw%3D350&v=3&w=400&s=3u6RQYHQWnXnsgOr08tJgSRs&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
40fe4c7f0bd58cf2596a85ad50e76695d76df8cf9a722e6f7154fb3bfb1557c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147714
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9000
expires
Thu, 31 Mar 2022 16:01:15 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-semi-precious-rings%2F943596.jpg%3Fsw%3D350&v=3&w=400&s=JGnQm1wlWEA0W-N3eifaO82_&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b595a92bc911ff548e03fe3738ff3b729ea5190c78ac391fc35c38fabdfaccfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147711
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15238
expires
Thu, 31 Mar 2022 16:01:12 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-semi-precious-rings%2F913211.jpg%3Fsw%3D350&v=3&w=400&s=xafLbmpIAv9G5jgaHYaPA8c1&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
624911fd162802388368d31f2492b1468d81a31ec18d50e49c4b43cc0ded5e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147755
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13320
expires
Thu, 31 Mar 2022 16:01:56 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-semi-precious-bracelets%2F863321.jpg%3Fsw%3D350&v=3&w=400&s=l-wETvog-UGgTs4ysG8WMeSs&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
61a48570fd3262b24f84f07f267ef62adbecb776a1a0f3e3cd233e5c440004b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147713
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5702
expires
Thu, 31 Mar 2022 16:01:14 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-semi-precious-rings%2F944665.jpg%3Fsw%3D350&v=3&w=400&s=IZx0R0fPs0A0KW8bebEpJu0m&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e45065cc3ce69b5c38ef7cb8e6cb5a44154cd8b6cc5a84291d0cf96949ea3b0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147723
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11718
expires
Thu, 31 Mar 2022 16:01:24 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-mixed-metal-rings%2F912311.jpg%3Fsw%3D350&v=3&w=400&s=48x8eBLf-lGNo6YVL0Q_OQmw&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
13743d7bc00e66c334b975747f8948fcb50c9ee67c9588137647c85e49caf193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147711
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
17782
expires
Thu, 31 Mar 2022 16:01:12 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-sterling-bracelets%2F931255.jpg%3Fsw%3D350&v=3&w=400&s=ye8psQArdpiE-Xg03oNklNt2&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0db71f2223124ef87e61e1bb035e68fcc2cf0f5a4e7462afc981eb41c8bdc4dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147721
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8326
expires
Thu, 31 Mar 2022 16:01:22 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-sterling-bracelets%2F930693.jpg%3Fsw%3D350&v=3&w=400&s=FmNTiHpvtMAM2_5C_pGqDb6j&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e7e2060be119da9157043159de3e65f9e9779b0b8466d692a3e2967893b772cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147722
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
14484
expires
Thu, 31 Mar 2022 16:01:23 GMT
all
csm.us.criteo.net/ Frame 6DB4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=lLmZob6B_In13vMtNQHOHiugvmZhuip7oyMF4dQi_IIjPOYYjlGte-8q1kmlVN7XZskEbuIDS7LDGWlUyH7ws-vAOhhWE-YorwUEcE-CrXT-KNMIjGGwGZhE5QJM5M8LLzvOgPMOZD2skil3GVmoZVWJKsYI7qkL_a1gx5RdJifne3R6v0u7IR9OtM0tE7NQmrsT-anOlNyw_YkN8GtOiL0os6RwYaaSVwtjeQyF-PlKJW_QbpTSLogZcxE&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:39 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6DB4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6DB4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Mar 2023 09:12:40 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7876 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame D7A1 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pd
us-u.openx.net/w/1.0/ Frame BB9C 		68 B
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
70
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4445 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18168-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10517
X-Timer
S1647594761.857414,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 74CD 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
img
pix.us.criteo.net/img/ Frame 9E96 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame 9E96 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA9C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=1432210398034083&bg=!qKulq-_NAAba2mK92to7ACkAdvg8WuyJHGUM0IzbtnzyiVZmZetQgF9FON7l8Mg4PhrBPHQVNLAzsAIAAAh2UgAAAAJoAQeZAwXo4jK5n-UrrOybYCOWvN-nxS_xf1a5hmLWFFhdxPfHI2ZQc0kwPEWcvkxQtxwihYa_3twGSuSxDrsiyH7EngbubiJetwb2R7aAsyBgORfKKxD4QYTTYv74LJyOvtnTcPrAxrmJyAwxGbLvarLa6hIYDt1Dto67_-Ex1djY0_YhfM7lQg9WfOOnNKf-mxIA4_yh3oQ9epD5z90Xgjq84QH1JjlJrNXKKwJhBvs-DpBs1vpzpgI5tIC_yfQ3AYQtADOXCOpgnPFIdS6_bkVqEKHx51noN8ZZtjdXTbMh04gkoQJbZYGF4MhFlAq1E4GPVLBO3sbykWuMXt0OXArVbp7dYHjIHVFMv9K1uGb7SMm6Z3xFw5YDzBByZY-ZcP2Dxu07k3PBxc-T1T3g1bqMQ20fWBMHjMFJMb9s11A8anEK_p4NzKfSTvg7klPCYuKkP2zAdxH4H8KquYR4yYxcFURYxXgy-5uZ4NqiVT_OKwU8iCB23Mc0H1nMpUSaSc4JEc2ueY2Qmn3ItR0pJMGSoSDAulsijQE6p9eH8niK1FyomC63XUEiQbo6gtyVO1marj60x8NrM83GSFZgC9qobAqemymdeDXZ4IhO8l_CbQFYjO-QSrpqOHYfnp8SocYGA1v8I_pScCXY7CB_qik1hP_WzCtrUwU9TqE9LOyqZJLbT624tU74GCkIPmuNjoA4G9cl0KxorBF_-YASJ_61Otb0BC6VrahVuVvw1G9kKBnLOh7kzkDcaoJULyQD5CxmVMRl46seubvmcygaAgol8Rf44nXqnezlFj9xv2jHPDa9L3SD_7bMWmLniZjn8f1cWl07S39MmYaKN0aVZjdsotIwWh_UP4WvGi3lauObflE-O9EZdDaJTHN9PIrUlfXMyaAkxkZwfk9Laa8qZ_gTcMaFZ-UcOfI87nwVfQFN1fOK7JZzms0OEFORPnfPhQ1Wp7N99s5jdGHS0D27NDnhC7tJqp6TsYHRWx_MLaAXTvB1WN5-25PCT-lAMrT-KwYMtgJGelIK7w
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame DB13 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 21:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
300177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 21:49:43 GMT
imp
adservices.brandcdn.com/pixel/ Frame 4E08 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adservices.brandcdn.com/pixel/imp?aid=249101&cid=2711281&imp_ck=09a7be08-91dd-4f04-a167-a1ac372be137&m=aax-us-east.amazon-adsystem.com&r=&crid=8229084&oid=4932764&impid=e923d3a7-f3e2-4649-b0ed-1bb25a32adca
Requested by
Host: ads.brandcdn.com
URL: https://ads.brandcdn.com/html/1594524_300x250_6213dff0931e6.html?fas_c=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3De923d3a7-f3e2-4649-b0ed-1bb25a32adca%26ag%3Dot2xv3l%26sfe%3D146bccfe%26sig%3D7y-Y6Z8yGWSEBBUOmeXtsQGOf42TKD7uwWBCtTHbQFo.%26crid%3D0ngdwb3k%26cf%3D3073917%26fq%3D0%26t%3D1%26td_s%3Dwww.dailymail.co.uk%26rcats%3Dzm4%2Cjba%2C7sp%2Cusw%2C5rf%2C7gr%2C3c6%2C2gy%2Chmy%2Cy29%2Ctmc%2Cd3i%26mcat%3Dttd-ct-52765%26mste%3Ddailymail.co.uk%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dtriplelift%26uhow%3D125%26agsa%3D%26wp%3D0.5%26rgz%3D14202%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D376%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D6.69%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTE0IgdCdWZmYWxvOAFQAYABAIgBAZABAA..%26dur%3DCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQo7Ch1jaGFyZ2UtYWxsVFREQ3VzdG9tQ29udGV4dHVhbCIaCNr__________wESDXR0ZGNvbnRleHR1YWwKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3D4ljBsE%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dtl_ltriplelift%26ipl%3Dhd_97758%26ict%3DUnknown%26said%3D16836037779496610436190%26auct%3D1%26tail%3D1%26r%3D&oid=55952061&fas_m=aax-us-east.amazon-adsystem.com&fas_r=&impid=e923d3a7-f3e2-4649-b0ed-1bb25a32adca
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.144.122 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-144-122.us-west-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d2d98c9925e1a4c82850f58a72eda3f246eb1edbf6fe11b0bf9cc28753f23c11

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.brandcdn.com/

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
text/html
content-length
1199
server
Apache/2.4.29 (Ubuntu)
content-location
imp.html
vary
negotiate,Accept-Encoding
tcn
choice
last-modified
Mon, 26 Apr 2021 08:47:42 GMT
etag
"1253-5c0dc32dc08bc;5c0f60998a7e1-gzip"
accept-ranges
bytes
content-encoding
gzip
usync.html
eus.rubiconproject.com/ Frame EF5F 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0B98 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:40 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18168-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10518
X-Timer
S1647594761.897439,VS0,VE0
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 7FF7 		68 B
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:40 GMT
content-type
text/html
content-length
70
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sspmatch-iframe
ads.betweendigital.com/ Frame 0B85 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 08A2 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56170
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:40 GMT
vary
Accept-Encoding
css
fonts.googleapis.com/ Frame 45C3 		5 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 08:41:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:40 GMT
syncframe
gum.criteo.com/ Frame 54A9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2753
date
Fri, 18 Mar 2022 09:12:40 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D1BD 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame C95D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame C95D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753013
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame C95D 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206487
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
img
pix.us.criteo.net/img/ Frame C95D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
css
fonts.googleapis.com/ Frame F5EF 		5 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 08:23:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:40 GMT
img
pix.us.criteo.net/img/ Frame 42DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753012
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
img
pix.us.criteo.net/img/ Frame 42DB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:40 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3679
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
250462
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 3679 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 3679 		0
0
v1
ads.yahoo.com/cms/ Frame 3679 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3679 		0
0
match
ad.360yield.com/ Frame 3679 		0
0
rum
r.casalemedia.com/ Frame 3679 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3679 		0
0
xuid
eb2.3lift.com/ Frame 3679 		0
0
um
criteo-sync.teads.tv/ Frame 3679 		0
0
cksync.php
contextual.media.net/ Frame 3679 		0
0
sync
x.bidswitch.net/ Frame 3679 		0
0
v1
match.sharethrough.com/sync/ Frame 3679 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 3679 		0
0
sync
matching.ivitrack.com/ Frame 3679 		0
0
push
exchange.mediavine.com/usersync/ Frame 3679 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3679 		0
0
user-registering
ads.stickyadstv.com/ Frame 3679 		0
0
sync
pixel.advertising.com/ups/55945/ Frame 3679 		0
0
/
s.ad.smaato.net/c/ Frame 3679 		0
0
c.gif
c.bing.com/ Frame 3679 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 3679 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 3679 		0
0
28292
i.liadm.com/s/ Frame 3679 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 3679 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4C05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
223601
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 4C05 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 4C05 		0
0
v1
ads.yahoo.com/cms/ Frame 4C05 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 4C05 		0
0
match
ad.360yield.com/ Frame 4C05 		0
0
rum
r.casalemedia.com/ Frame 4C05 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4C05 		0
0
xuid
eb2.3lift.com/ Frame 4C05 		0
0
um
criteo-sync.teads.tv/ Frame 4C05 		0
0
cksync.php
contextual.media.net/ Frame 4C05 		0
0
sync
x.bidswitch.net/ Frame 4C05 		0
0
v1
match.sharethrough.com/sync/ Frame 4C05 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 4C05 		0
0
sync
matching.ivitrack.com/ Frame 4C05 		0
0
push
exchange.mediavine.com/usersync/ Frame 4C05 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4C05 		0
0
user-registering
ads.stickyadstv.com/ Frame 4C05 		0
0
sync
pixel.advertising.com/ups/55945/ Frame 4C05 		0
0
c.gif
c.bing.com/ Frame 4C05 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 4C05 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 4C05 		0
0
28292
i.liadm.com/s/ Frame 4C05 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 4C05 		0
0
img
pix.us.criteo.net/img/ Frame 42DB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:40 GMT
syncframe
gum.criteo.com/ Frame D218 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2756
date
Fri, 18 Mar 2022 09:12:40 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame EFBF 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D37 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BsZwVAk00YqipMqiexAOmu5CgAwAAAAA4AeAEAg&bg=!pqWlpeHNAAba2mK92to7ACkAdvg8WoeEIEk__0PXOKrC2PBxrd3FGRg6ME8_FBM3lbFMEO9PkSWsZAIAAA9IUgAAAAJoAQeZA0ZIAEG6mKM7ztnJz8kOwOP1Nog2xbdj5nA_N6m8cg6hstWLZ2IVnSICK_kp6XXhVMCcbskRRJgDZ2zVDQK3dpmMC_PPH8cJ_3CcNUz_1uDH6PitoE8376AEGYDR52jc70Gpzix4GdLAajq3RQYvOcfXlO9vnfOCYoYbbP5rLPDLXmn1iFknZpcUc71darbYuFXr-5mw9NoiwFJrZtPtZLD7DRdqckKGFKmbm73wZeJcgzgp1DAoZWe1-Bq7-lsp2JqN-KCkF06dYuNDtltBzpgrqGw3SRoX0IpcigAoz8AMf8VLdaHFMWm96hZt2ojukiTqtalPEyHb-V-YfePcYO9Lm5HIQ4DRQjavXIHnVOoWw0ajILo8m-sD6FGDgo5M5ShKygJyzfkxz4JaUGuDBY0jISBwA5vvRnQOOlSZScryVbLHtdHzvDSGujnNc9uXZDXhNixgMXbG_X8iZKkJ_xbLYN60ZLh9gTf_xjzi1ImUbYdsbXVLZMKSaMaqjZjiknzKqDm3YKAG7fpNaIAQc_GGj7NXC0CPWspAAhRp4SXkrx-v3hoVSfg6jJMcv9sj0kq_C6PTxlo2lgM8xJj_KsfDsphZBAcs6eBKsGPyUrarx7WTYwIoUIq2-6WNFyXCQcpHAsTsNKZukGhzok6PmZxDUNnpzmuQhlACfzdJDfpu_T5fXbUq35vmRYgPSiBBYpU_MrPUrZEuS_uOzTVaZ3ZpL2O-fKN86UdUzc3Rn8QGEQBPNJExgpU-CetRPTQ_1_Mswt1d2VnAya5851maosyu1TpchAH1YNLRB_ai7QoWSd7ocRlMfXV65o1825wRoeK3Vf8Bj830sNelPi-tG6YI_WqMCqLeXVYHS-EHM4Q1_A0oPmbKTfOZovn1ux702dVJSZw5AfnateDu-yUrni7MkJRwCYRcpg_EbGMIOpLyck6jIEWqOBln54jPeBHMGlvvpO0TYwb8QGtkR7wdSwH3-43xdMYlef0Lo6JZFuSiHE848yDpM6PQK8gnkcuaAD8dgdqRpklogyHF3EEwoJuOyiCzM0Z-DjBMuo2Dfoj1PH2tJRJFTnzicwRk-uA4zUd-pkePrKyld7kmpQdJipN-pBylYlgp
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame FE3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
276418
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
s.ad.smaato.net/c/ Frame FE3A 		0
0
cookie-sync
sync.outbrain.com/ Frame FE3A 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame FE3A 		0
0
match
ad.360yield.com/ Frame FE3A 		0
0
rum
r.casalemedia.com/ Frame FE3A 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame FE3A 		0
0
xuid
eb2.3lift.com/ Frame FE3A 		0
0
um
criteo-sync.teads.tv/ Frame FE3A 		0
0
cksync.php
contextual.media.net/ Frame FE3A 		0
0
sync
x.bidswitch.net/ Frame FE3A 		0
0
v1
match.sharethrough.com/sync/ Frame FE3A 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame FE3A 		0
0
sync
matching.ivitrack.com/ Frame FE3A 		0
0
push
exchange.mediavine.com/usersync/ Frame FE3A 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame FE3A 		0
0
user-registering
ads.stickyadstv.com/ Frame FE3A 		0
0
sync
pixel.advertising.com/ups/55945/ Frame FE3A 		0
0
c.gif
c.bing.com/ Frame FE3A 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame FE3A 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame FE3A 		0
0
28292
i.liadm.com/s/ Frame FE3A 		0
0
v1
ads.yahoo.com/cms/ Frame FE3A 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame FE3A 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame FE3A 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1B2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
236431
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
s.ad.smaato.net/c/ Frame 1B2D 		0
0
cookie-sync
sync.outbrain.com/ Frame 1B2D 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 1B2D 		0
0
match
ad.360yield.com/ Frame 1B2D 		0
0
rum
r.casalemedia.com/ Frame 1B2D 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1B2D 		0
0
xuid
eb2.3lift.com/ Frame 1B2D 		0
0
um
criteo-sync.teads.tv/ Frame 1B2D 		0
0
cksync.php
contextual.media.net/ Frame 1B2D 		0
0
sync
x.bidswitch.net/ Frame 1B2D 		0
0
v1
match.sharethrough.com/sync/ Frame 1B2D 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 1B2D 		0
0
sync
matching.ivitrack.com/ Frame 1B2D 		0
0
push
exchange.mediavine.com/usersync/ Frame 1B2D 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1B2D 		0
0
user-registering
ads.stickyadstv.com/ Frame 1B2D 		0
0
sync
pixel.advertising.com/ups/55945/ Frame 1B2D 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 1B2D 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 1B2D 		0
0
c.gif
c.bing.com/ Frame 1B2D 		0
0
28292
i.liadm.com/s/ Frame 1B2D 		0
0
v1
ads.yahoo.com/cms/ Frame 1B2D 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 1B2D 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 1B2D 		0
0
syncframe
gum.criteo.com/ Frame 4BA1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3124
date
Fri, 18 Mar 2022 09:12:40 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9B08 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 86C8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ogEB0g
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame 8724 		5 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 07:29:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame A690 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3719
date
Fri, 18 Mar 2022 09:12:40 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8682 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
vpaid_ff3047b1.js
vpaid.springserve.com/production/ Frame 6FDE 		500 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ff3047b1.js
Requested by
Host: reflex.imds-cdn.com
URL: https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2c00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0acad70975b7ea0cc7142d625b0ae4e13ade8da2df16afb9fa9cbe235b10e651

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 01:16:56 GMT
content-encoding
br
last-modified
Tue, 08 Mar 2022 18:04:32 GMT
server
AmazonS3
age
460546
etag
W/"7695da56b8b4259e1de1d0ac7f64eb72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
QGqQgGtk06AFrhd0sm-VAX3dOntBJ7t2ciITeRf4nBzVyEg-vQI12Q==
css
fonts.googleapis.com/ Frame 45A5 		4 KB
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3053b931360aab35e057ca32638852aedae506fb802cbb2edd3e260c79639fe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 08:11:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame 756E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3089
date
Fri, 18 Mar 2022 09:12:40 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame E82C 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
css
fonts.googleapis.com/ Frame 999A 		5 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 07:50:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 77AF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OXCnLA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
s.ad.smaato.net/c/ Frame AA80 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame AA80
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
254305
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame AA80 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame AA80 		0
0
match
ad.360yield.com/ Frame AA80 		0
0
rum
r.casalemedia.com/ Frame AA80 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame AA80 		0
0
xuid
eb2.3lift.com/ Frame AA80 		0
0
um
criteo-sync.teads.tv/ Frame AA80 		0
0
cksync.php
contextual.media.net/ Frame AA80 		0
0
sync
x.bidswitch.net/ Frame AA80 		0
0
v1
match.sharethrough.com/sync/ Frame AA80 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame AA80 		0
0
sync
matching.ivitrack.com/ Frame AA80 		0
0
push
exchange.mediavine.com/usersync/ Frame AA80 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame AA80 		0
0
user-registering
ads.stickyadstv.com/ Frame AA80 		0
0
sync
pixel.advertising.com/ups/55945/ Frame AA80 		0
0
c.gif
c.bing.com/ Frame AA80 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame AA80 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame AA80 		0
0
28292
i.liadm.com/s/ Frame AA80 		0
0
v1
ads.yahoo.com/cms/ Frame AA80 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame AA80 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame AA80 		0
0
adview
googleads.g.doubleclick.net/pagead/ Frame 8EA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C7m6KBk00YpvrNo_7_gS53JSwBM6Gmcxky72ivJwHwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNjM4NDM4NTczMTA1NTYwNcgBCagDAaoEqAJP0Hg3LhPusOqTZUdDRs5gg1EoIr0YazVKMeeRpJjym_On3XjptoDnNO-5uxs6YOm_6HDMe5SozjrK5R1G8netXYzePJO2KPp3qBWtUwSfnylzNn8HEqxGQDxyGkir4luG2mt3dwBqiZ2-wGJ5CLJQhPFrq1R_yc6mfrzU8UydDE-Q4fnZBSrdjZ-S7N4RDiaxGaqBx9TfjIsZqpkayvNjuf9aYR6SK9_rCqIHthBnIhFSxK1DhqSaqgABdJ_yrI0qkF_MqsXn9lkWLrU-PDRk2rgsAlVLsxMHjYvC4YWqSBQuCsC72mYpPpeJlsE0F6uA4Im6fctgkcZorCQUPAGmU98OEdhII_WVboWQNrJld1wdEVbmWdUQfsPZEbpn724i6uI11ZCn8IAGv4ycifvS5666AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIgGEQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02Mzg0Mzg1NzMxMDU1NjA1GISIHg&sigh=7vsFnsk7eUw&uach_m=[UACH]&cid=CAQSOwCNIrLMVe3xL77gX2Zbesl5aVv90TN4upA9iWAdh8p9B6kz4prBsQ-E7IAStwh9iVdA3nBovq_m_F8rGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 18 Mar 2022 09:12:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
billing
evm2.stackadapt.com/ Frame 8EA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://evm2.stackadapt.com/billing?aid=1-5231-164759475895511090205804-1&sid=1&wp=YjRNBgANtZsKn72PAAUuObqG4AaAw24v0bhOWA&rid=YjRNBgAOWzYIaASVwAROqg&network=156&t=1647594758&said=1-5231-164759475895511090205804-1&sanid=156
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-8-71.compute-1.amazonaws.com
Software
StackAdapt /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
x-content-type-options
nosniff
server
StackAdapt
content-length
0
x-xss-protection
1; mode=block
x-request-id
a76cb8cd95f3465b2968132c5f47ef33
/
s.ad.smaato.net/c/ Frame B6E6 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B6E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
237906
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame B6E6 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame B6E6 		0
0
match
ad.360yield.com/ Frame B6E6 		0
0
rum
r.casalemedia.com/ Frame B6E6 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame B6E6 		0
0
xuid
eb2.3lift.com/ Frame B6E6 		0
0
um
criteo-sync.teads.tv/ Frame B6E6 		0
0
cksync.php
contextual.media.net/ Frame B6E6 		0
0
sync
x.bidswitch.net/ Frame B6E6 		0
0
v1
match.sharethrough.com/sync/ Frame B6E6 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame B6E6 		0
0
sync
matching.ivitrack.com/ Frame B6E6 		0
0
push
exchange.mediavine.com/usersync/ Frame B6E6 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B6E6 		0
0
user-registering
ads.stickyadstv.com/ Frame B6E6 		0
0
sync
pixel.advertising.com/ups/55945/ Frame B6E6 		0
0
c.gif
c.bing.com/ Frame B6E6 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame B6E6 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame B6E6 		0
0
28292
i.liadm.com/s/ Frame B6E6 		0
0
v1
ads.yahoo.com/cms/ Frame B6E6 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame B6E6 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame B6E6 		0
0
css
fonts.googleapis.com/ Frame 9E96 		5 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 08:43:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame 2BC6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3547
date
Fri, 18 Mar 2022 09:12:40 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3C24 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
/
s.ad.smaato.net/c/ Frame 0E8E 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0E8E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
240072
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 0E8E 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 0E8E 		0
0
match
ad.360yield.com/ Frame 0E8E 		0
0
rum
r.casalemedia.com/ Frame 0E8E 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0E8E 		0
0
xuid
eb2.3lift.com/ Frame 0E8E 		0
0
um
criteo-sync.teads.tv/ Frame 0E8E 		0
0
cksync.php
contextual.media.net/ Frame 0E8E 		0
0
sync
x.bidswitch.net/ Frame 0E8E 		0
0
v1
match.sharethrough.com/sync/ Frame 0E8E 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 0E8E 		0
0
sync
matching.ivitrack.com/ Frame 0E8E 		0
0
push
exchange.mediavine.com/usersync/ Frame 0E8E 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0E8E 		0
0
user-registering
ads.stickyadstv.com/ Frame 0E8E 		0
0
sync
pixel.advertising.com/ups/55945/ Frame 0E8E 		0
0
c.gif
c.bing.com/ Frame 0E8E 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 0E8E 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 0E8E 		0
0
28292
i.liadm.com/s/ Frame 0E8E 		0
0
v1
ads.yahoo.com/cms/ Frame 0E8E 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 0E8E 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 0E8E 		0
0
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		0
0
usync.html
eus.rubiconproject.com/ Frame 94D2 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:41 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 653A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 18 Mar 2022 09:12:41 GMT
Age
10414
X-Served-By
cache-lga13626-LGA, cache-ewr18178-EWR
X-Cache
HIT, HIT
X-Cache-Hits
330, 10683
X-Timer
S1647594761.498460,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame EF45 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

last-modified
Tue, 15 Mar 2022 05:35:40 GMT
etag
"1302647-96a7-5da3b2ade946f"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13941
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56169
expires
Sat, 19 Mar 2022 00:48:50 GMT
date
Fri, 18 Mar 2022 09:12:41 GMT
vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame D804 		68 B
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
text/html
content-length
70
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sspmatch-iframe
ads.betweendigital.com/ Frame B687 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
s.ad.smaato.net/c/ Frame DC3B 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DC3B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
284576
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame DC3B 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame DC3B 		0
0
match
ad.360yield.com/ Frame DC3B 		0
0
rum
r.casalemedia.com/ Frame DC3B 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame DC3B 		0
0
xuid
eb2.3lift.com/ Frame DC3B 		0
0
um
criteo-sync.teads.tv/ Frame DC3B 		0
0
cksync.php
contextual.media.net/ Frame DC3B 		0
0
sync
x.bidswitch.net/ Frame DC3B 		0
0
v1
match.sharethrough.com/sync/ Frame DC3B 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame DC3B 		0
0
sync
matching.ivitrack.com/ Frame DC3B 		0
0
push
exchange.mediavine.com/usersync/ Frame DC3B 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DC3B 		0
0
user-registering
ads.stickyadstv.com/ Frame DC3B 		0
0
sync
pixel.advertising.com/ups/55945/ Frame DC3B 		0
0
c.gif
c.bing.com/ Frame DC3B 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame DC3B 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame DC3B 		0
0
28292
i.liadm.com/s/ Frame DC3B 		0
0
v1
ads.yahoo.com/cms/ Frame DC3B 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame DC3B 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame DC3B 		0
0
img
pix.us.criteo.net/img/ Frame EC20 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753012
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4941 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BwAstAk00Yo-FOMiCogadzqqwDwAAAAA4AeAEAg&bg=!ra6lrurNAAba2mK92to7ACkAdvg8WvXXS5U3GSdjt2vUS8AaeYx_JKH8wkNEbsF1g4OPRa-qJimNWgIAAA_PUgAAAAJoAQeZA0i8RciFdIVtIHnpHmTAU8mVHoT4HnjMQVhmXxwui6kfaAGs-RT9KEe5uEpFE1K7_4_88gtwearpMSwVJzC7DUq2UguZWydNluh_SUNEXQAnQhQz1HuVUHV2lyLxcFSSk3rbwgKLSVwpagyx_OruAr2WtjVcQJXsQFnRQqKxL2bYP41hQkaSeu2iRFLx4dt_5ZvIinZwOX45vjsZ5tiBNJ09CL5-sSX36UhFNFPgpNUYZs2AV7VSAwMQIaG6e3qXm5DQDSf9nzuclo6QfaFoM-BVgbaIJ9oa4vR7_cFwxAlTRgUsQP7Dbhs4vrZQvj2bBZ6EJONgK_Yx4KsgDRZ94asTqwZQ4Ujui-b4bOZa-zGI_A5nU5kxEqhfwAN0OtT5bCNqWV0tl7_A4NPRCDgFenQNDHkIH-vik_8lYQV44jbcbJDZXYdsMcI3Jgmy4qS2S_Thnf0_dS5vgcOoeFI36Ryf6ljl3b9J0nrktN0mrKb_NQsO-YOr8qvj6di2FJY-9ynj8MWIToHZ_Sw-uaOIZpQOY4bU5q8L_FdClpvSrjoBwwr0qdr22JK5V-Lqu9bT8ECsphCyTSt6QDoP0GfjmTFn7UwBnuEJEB1QB_mF7RxxHVRGnhOISXcytC5zcovcUXiD72oDEHfbisxTCdqnOWKz662Da-xkyL9v72E85fRJ0GZ0XSd2s2sc6MJfZ_IRPtxjRzszn-7KerzvwKU3KrIl1VlCd2RmUYDYf1nOjC5J7VjE7nxXzhYwiXAhqPxF15xUIYOXhJYg8CwJqsTqqq5gbbPRM5tYV2-gplsNSQWh3oMMWkFai8LqAf8PzRtfmVm4JGxQ5xPzHo9P2a0efnvBl7kmpJFX0V81afoyZY1n2Rk2a3YxvvSVL2NNnJnwUKpPofI1i9bw_xK_w3NDBm6TERWwjlfky-dUUV61oMfVSzgWfdqCieE-ozMtPxg8Lzau2IoLAWdRTKTgHM4yqPQPO9mTjN7ufvhquHKyLlaNWgzDEy45Y0_RUTjJPy66O9liQ895tA21Z6K2mL6-oiQyBoe1wWhLIayPtMSoEeD8gLTuYQaQ2NOHEZ6GwMxTUkKkmlsKIf2ut9cs3-rew32KcWRGadmYPc4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pix.us.criteo.net/img/ Frame EC20 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame BE58 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3022
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D683 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
img
pix.us.criteo.net/img/ Frame EC20 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:41 GMT
img
pix.us.criteo.net/img/ Frame EC20 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206486
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
/
s.ad.smaato.net/c/ Frame 2472 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2472
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
273928
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 2472 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 2472 		0
0
match
ad.360yield.com/ Frame 2472 		0
0
rum
r.casalemedia.com/ Frame 2472 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2472 		0
0
xuid
eb2.3lift.com/ Frame 2472 		0
0
um
criteo-sync.teads.tv/ Frame 2472 		0
0
cksync.php
contextual.media.net/ Frame 2472 		0
0
sync
x.bidswitch.net/ Frame 2472 		0
0
v1
match.sharethrough.com/sync/ Frame 2472 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 2472 		0
0
sync
matching.ivitrack.com/ Frame 2472 		0
0
push
exchange.mediavine.com/usersync/ Frame 2472 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2472 		0
0
user-registering
ads.stickyadstv.com/ Frame 2472 		0
0
sync
pixel.advertising.com/ups/55945/ Frame 2472 		0
0
c.gif
c.bing.com/ Frame 2472 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 2472 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 2472 		0
0
28292
i.liadm.com/s/ Frame 2472 		0
0
v1
ads.yahoo.com/cms/ Frame 2472 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 2472 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 2472 		0
0
img
pix.us.criteo.net/img/ Frame AB97 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=27948&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F27948%2F160411%2F1b6eb0880891464595625e43ac5abb08_scully-and-scully-logo.png&v=3&w=596&s=fDtYDG9m_mWWiicP2pLLBzNM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28753012
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11428
expires
Tue, 14 Feb 2023 04:09:33 GMT
/
s.ad.smaato.net/c/ Frame 2EDB 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2EDB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
204498
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 2EDB 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 2EDB 		0
0
match
ad.360yield.com/ Frame 2EDB 		0
0
rum
r.casalemedia.com/ Frame 2EDB 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2EDB 		0
0
xuid
eb2.3lift.com/ Frame 2EDB 		0
0
um
criteo-sync.teads.tv/ Frame 2EDB 		0
0
cksync.php
contextual.media.net/ Frame 2EDB 		0
0
sync
x.bidswitch.net/ Frame 2EDB 		0
0
v1
match.sharethrough.com/sync/ Frame 2EDB 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 2EDB 		0
0
sync
matching.ivitrack.com/ Frame 2EDB 		0
0
push
exchange.mediavine.com/usersync/ Frame 2EDB 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2EDB 		0
0
user-registering
ads.stickyadstv.com/ Frame 2EDB 		0
0
sync
pixel.advertising.com/ups/55945/ Frame 2EDB 		0
0
c.gif
c.bing.com/ Frame 2EDB 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 2EDB 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 2EDB 		0
0
28292
i.liadm.com/s/ Frame 2EDB 		0
0
v1
ads.yahoo.com/cms/ Frame 2EDB 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 2EDB 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 2EDB 		0
0
img
pix.us.criteo.net/img/ Frame AB97 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:41 GMT
img
pix.us.criteo.net/img/ Frame AB97 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame 4CA9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3045
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame EF0D 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
/
s.ad.smaato.net/c/ Frame 4F58 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4F58
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1PUnFxdVVHVDRrZXpxOEV1REF1bnYzcGZQUnF3YVc1VkM2RUpldw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
191479
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 4F58 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 4F58 		0
0
match
ad.360yield.com/ Frame 4F58 		0
0
rum
r.casalemedia.com/ Frame 4F58 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4F58 		0
0
xuid
eb2.3lift.com/ Frame 4F58 		0
0
um
criteo-sync.teads.tv/ Frame 4F58 		0
0
cksync.php
contextual.media.net/ Frame 4F58 		0
0
sync
x.bidswitch.net/ Frame 4F58 		0
0
v1
match.sharethrough.com/sync/ Frame 4F58 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 4F58 		0
0
sync
matching.ivitrack.com/ Frame 4F58 		0
0
push
exchange.mediavine.com/usersync/ Frame 4F58 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4F58 		0
0
user-registering
ads.stickyadstv.com/ Frame 4F58 		0
0
sync
pixel.advertising.com/ups/55945/ Frame 4F58 		0
0
c.gif
c.bing.com/ Frame 4F58 		0
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 4F58 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 4F58 		0
0
28292
i.liadm.com/s/ Frame 4F58 		0
0
v1
ads.yahoo.com/cms/ Frame 4F58 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 4F58 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 4F58 		0
0
OpportunityServlet
us-vid-events.taboola.com/ 		1 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_4_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:41 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
syncframe
gum.criteo.com/ Frame F8CA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3094
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 7266 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame F884 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3172
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 287C 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame 3385
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31531

Redirect headers

date
Fri, 18 Mar 2022 09:12:41 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://imprnjmp.taboola.com/
access-control-allow-credentials
true
x-varnish
578276826
content-length
0
/
sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/ Frame 3385
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58533/occ
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31531

Redirect headers

location
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
date
Fri, 18 Mar 2022 09:12:41 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/ Frame 3385
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36701

Redirect headers

location
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
date
Fri, 18 Mar 2022 09:12:42 GMT
content-length
0
content-type
text/html
rtb-h
sync.taboola.com/sg/rtbhouse-network/1/ Frame 3385
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33615

Redirect headers

location
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT, Fri, 18 Mar 2022 09:12:42 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame F57D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%25%25VGUID%25%2...
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=5ft7yHrTcDZd&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=5ft7yHrTcDZd&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31531

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=5ft7yHrTcDZd&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
rtb-h
sync.taboola.com/sg/rtbhouse-network/1/ Frame F57D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31899

Redirect headers

location
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:41 GMT, Fri, 18 Mar 2022 09:12:41 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/ Frame F57D
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36701

Redirect headers

location
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
date
Fri, 18 Mar 2022 09:12:42 GMT
content-length
0
content-type
text/html
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame F57D
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36701

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=34B9E82E4748403EAA98BCED7FCDFCB4
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://us-match.taboola.com/
access-control-allow-credentials
true
x-varnish
576054172
content-length
0
css
fonts.googleapis.com/ Frame C95D 		5 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 09:04:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame B251 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3160
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D6D9 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame 9C67 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3496
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5BE9 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame B8B1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3176
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C08C 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
css
fonts.googleapis.com/ Frame 42DB 		5 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 08:58:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:41 GMT
syncframe
gum.criteo.com/ Frame CDB2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3292
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 6AFA 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Mar 2022 09:12:41 GMT
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 45C3 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:04 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:04 GMT
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame F5EF 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:04 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:04 GMT
all
csm.us.criteo.net/ Frame 45A5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=ZB942r6B_In13vMtKmoFPCyKliKwu7L9MtNuU6dVAk4KmnGw8D8LeTRlDRAMIP5CJ42bEiNk8JGQMOLV75s6-bl2tt7QLtOdyCbhFMR0T-xps_ICogAQGCUDiOX6LQSGwzqZ1WvGNjBJ4WYfz-EsXmwc4cd_MNbE4UEx1FHTcJQyueRGef1sweOx8fFd0SsU9RX1Ini9gCN1WfJnJPx0Z2iUKf7q7ouUq8M_djDTG47ih0qpEsetaE4JABE&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sd
eu-u.openx.net/w/1.0/ Frame 0DCB
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=2a5d5a46-1366-4916-9114-7cf922fb3049
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=2a5d5a46-1366-4916-9114-7cf922fb3049
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=2a5d5a46-1366-4916-9114-7cf922fb3049
date
Fri, 18 Mar 2022 09:12:42 GMT
server
_
content-length
0
pd
us-u.openx.net/w/1.0/ Frame 0DCB
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1647594762115051-141
sd
us-u.openx.net/w/1.0/ Frame 0DCB
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
103
ox
match.justpremium.com/match/ Frame 0DCB 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=72c9afbc-809f-483a-944c-9ad36562db88
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.145.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-145-149.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-length
43
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 0DCB
Redirect Chain
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&p...
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:43 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
sd
us-u.openx.net/w/1.0/ Frame 0DCB
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=Th4TLbdfM?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=Th4TLbdfM&partner_url=https://ad.mrtnsvr.com/sync/openx?no_p...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=Th4TLbdfM&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
vary
Origin
content-type
text/html; charset=utf-8
sd
eu-u.openx.net/w/1.0/ Frame 023F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=41183b05-50a9-4e6a-84f2-393f56d29b15
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=41183b05-50a9-4e6a-84f2-393f56d29b15
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=41183b05-50a9-4e6a-84f2-393f56d29b15
date
Fri, 18 Mar 2022 09:12:42 GMT
server
_
content-length
0
pd
us-u.openx.net/w/1.0/ Frame 023F
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1647594762160030-310
sd
us-u.openx.net/w/1.0/ Frame 023F
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
103
ox
match.justpremium.com/match/ Frame 023F 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=72c9afbc-809f-483a-944c-9ad36562db88
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.145.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-145-149.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-length
43
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 023F
Redirect Chain
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&p...
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:43 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
sd
us-u.openx.net/w/1.0/ Frame 023F
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=0h4TLbKfp?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=0h4TLbKfp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_p...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=0h4TLbKfp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
vary
Origin
content-type
text/html; charset=utf-8
sd
eu-u.openx.net/w/1.0/ Frame AAA4
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=b99b78be-f581-4bf0-85f8-62fcd6d96aaa
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=b99b78be-f581-4bf0-85f8-62fcd6d96aaa
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=b99b78be-f581-4bf0-85f8-62fcd6d96aaa
date
Fri, 18 Mar 2022 09:12:42 GMT
server
_
content-length
0
user-registering
ads.stickyadstv.com/ Frame AAA4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.218 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame AAA4
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
103
ox
match.justpremium.com/match/ Frame AAA4 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=72c9afbc-809f-483a-944c-9ad36562db88
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.145.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-145-149.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-length
43
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame AAA4
Redirect Chain
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&p...
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:43 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
sd
us-u.openx.net/w/1.0/ Frame AAA4
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=jhfHLsKfp?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jhfHLsKfp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_p...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jhfHLsKfp&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
vary
Origin
content-type
text/html; charset=utf-8
async_usersync
ib.adnxs.com/ Frame 9F4E 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2025736&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2025736
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
626068a4-2cc1-4799-aa90-b0b95697297a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
all
csm.us.criteo.net/ Frame 45C3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=GZog376B_In13vMtPWKqmUSF_A53T0HE-X1ODLVlxnBsP7u8P9UQyukYsgVkPqqVyAdqJuC-_IOjPF0qjc74VitWyuqI89Ve_gnjDpRlrBBfbhrYVGH47lEOQeuwvY50HnHMDIjtjhDEEmYtEZOd7AEYZC80EQbvduL-OKrDpRD9v4uijJ0r9lH5K_ra24Co1acctahJblatWbcLeHO0VqDJj4puh2YNFhePGZ4YUUrv49ne90226N1Il0E&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0YD8uvEzSpLrOmcPLXA4u5FRIxoujQod3K6n2WS7lnYYtQ-IGO207-yvWu7Ye9gWspB_nBro2_kV9Db25Q77OpL_T1htBZ6PayYOehBoVqJMayYsGB5t2NU0ZpkMuXal285EYsdj0XwDGcRZSUI6fpHY4hnHqNXyOpJLe10mXfOnLqPDHB89cokBKDC24vO2WJGz1rBX_i6TxDk10M8N6WfykbiSBtvVj1uTi_6YkVsx9IFbo8hH-gJnkt5EsNTb6wEWdLsiaKLG4-y82vlqnnuIxNwt-dKThuxZUDHif74EaR8udEJ-oNMFChHGRqUxtpzmJa67O6KVT3RcJz3JI1S_sndGYrQWg62LXq61e5U0oupjOlg_Ytl4w3eELkWJsg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
usync.js
eus.rubiconproject.com/ Frame 90D7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ Frame 45A5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:58 GMT
x-content-type-options
nosniff
age
135704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:13:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:58 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ Frame 45A5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:54:38 GMT
x-content-type-options
nosniff
age
134284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:54:38 GMT
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 999A 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:04 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:04 GMT
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 8724 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:04 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:04 GMT
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 9E96 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:04 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:04 GMT
css
fonts.googleapis.com/ Frame EC20 		5 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 08:04:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:42 GMT
sd
eu-u.openx.net/w/1.0/ Frame 68AE
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=4ae1855b-a97c-488a-8d28-7322e27bbe48
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=4ae1855b-a97c-488a-8d28-7322e27bbe48
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=4ae1855b-a97c-488a-8d28-7322e27bbe48
date
Fri, 18 Mar 2022 09:12:42 GMT
server
_
content-length
0
pd
us-u.openx.net/w/1.0/ Frame 68AE
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1647594762229023-244
sd
us-u.openx.net/w/1.0/ Frame 68AE
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
103
ox
match.justpremium.com/match/ Frame 68AE 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=72c9afbc-809f-483a-944c-9ad36562db88
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.145.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-145-149.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-length
43
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 68AE
Redirect Chain
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&p...
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:43 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
sd
us-u.openx.net/w/1.0/ Frame 68AE
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=jOfTLbK4p?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jOfTLbK4p&partner_url=https://ad.mrtnsvr.com/sync/openx?no_p...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jOfTLbK4p&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
vary
Origin
content-type
text/html; charset=utf-8
sd
eu-u.openx.net/w/1.0/ Frame D7A5
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=e14a08d2-53d0-4c69-bed6-7fa374bc359e
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=e14a08d2-53d0-4c69-bed6-7fa374bc359e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=e14a08d2-53d0-4c69-bed6-7fa374bc359e
date
Fri, 18 Mar 2022 09:12:42 GMT
server
_
content-length
0
pd
us-u.openx.net/w/1.0/ Frame D7A5
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1647594762228040-164
sd
us-u.openx.net/w/1.0/ Frame D7A5
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fded1f0-ea7c-a79b-7689d01c
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
103
ox
match.justpremium.com/match/ Frame D7A5 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=72c9afbc-809f-483a-944c-9ad36562db88
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.145.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-145-149.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-length
43
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame D7A5
Redirect Chain
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT&gdpr=0&p...
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:43 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_62344cff31ce1&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
sd
us-u.openx.net/w/1.0/ Frame D7A5
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=jh4HRsd4p?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jh4HRsd4p&partner_url=https://ad.mrtnsvr.com/sync/openx?no_p...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=jh4HRsd4p&partner_url=https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://ad.mrtnsvr.com/sync/openx?no_piggyback=true
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=jh4HRsd4p
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
vary
Origin
content-type
text/html; charset=utf-8
ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
dpm.demdex.net/ Frame D047
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=2b29b5e1-7836-48c4-a896-43668f76f459&r=https://dpm.demdex.net/ibs:dpid=302767&dpuuid={OPENX_ID}
  • https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Server
3.217.99.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-99-187.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-088644b20.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
B7KGYtvNRcw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
p2
ads.scorecardresearch.com/ Frame D047
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=16b43347-54eb-4af6-9a28-e449f503d935&r=https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=
  • https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
  • https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Server
13.226.26.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-122.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
7NOULZa9CCNVglRpWMorjFHKqlnr5EyTLo2AY7gvdIte95ufRSAYwQ==

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
content-length
137
x-amz-cf-id
I0tOMaMw-uJl2uenV8zlxqzfDHLreVGrCGaeuRUkkADSwbF3z55s7A==
sd
us-u.openx.net/w/1.0/ Frame D047
Redirect Chain
  • https://j.mrpdata.net/c.gif?ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID
  • https://j.mrpdata.net/c.gif?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID
  • https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
pragma
no-cache
cache-control
no-cache
x-backend
dmc_hitServer_3_f@j3mrpdatanet
Connection
keep-alive
x-deviceid
b87393dd-0a72-7d24-ffaa-36a562353c63
transfer-encoding
chunked
sd
us-u.openx.net/w/1.0/ Frame D047
Redirect Chain
  • https://match.deepintent.com/usersync/108/
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_174ff51fcf874097873f0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_174ff51fcf874097873f0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_174ff51fcf874097873f0
date
Fri, 18 Mar 2022 09:12:41 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sd
us-u.openx.net/w/1.0/ Frame D047
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=openx&id=
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=9b5c8a03-f1a5-424b-ac4a-8e00f240cd39
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537115685&val=9b5c8a03-f1a5-424b-ac4a-8e00f240cd39
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://us-u.openx.net/w/1.0/sd?id=537115685&val=9b5c8a03-f1a5-424b-ac4a-8e00f240cd39
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
112
Expires
Tue, 29 May 1984 15:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D047
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
date
Fri, 18 Mar 2022 09:12:43 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-length
0
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 713A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usync.js
eus.rubiconproject.com/ Frame 89EC 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
all
csm.us.criteo.net/ Frame F5EF 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=xalg7r6B_In13vMtzou_vxSJXMPry1UBiXv_3pXjTm0sTXvusZlagMvsOAwaEbvwT32dtKX82sSBV2UpUYVyqxfL_idV8Ys0yceQ1g70vpKRIFC3DatLV4CvNZ_wL0RvWV2dESrwJjY54fbQyVve2pzyTf0Tbn306yv3QlurwCgZXBo3q4aVhcs_e2ICiMGsDExstZ4Ocrm-3mAfJ1MPNeClIVU_7ekftGrs-Uiy9vMmOJL2NGsf0sZC3Ng&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0XHxvT1K7ytcLIDNlCPKarYB1tojTvOF-xh1cCfpjxiQarslCc1XPQhfTY_O1jqLkkab4U8Xv6v7dksXjrcFohHa6OEF8QD7cIoTb_a_h2SkLFn1PzvW5O9ELjcsvutl4611TasIeuBcubI1scpEezkkhSaRbugo_cdvbQzQq2yUPjrcu4wbijA_I4PoiM1zr_AgfiQAtQCBfTHBI2S3le12F-uW8xD75f-GbsyhElbzqDwxnHJ2ZiNMu_7b-jerjrh0cDOenpIzj7Q3a9VhigHGKrUK-XJM4n0SE_nwVtm2n6y2Ruak4yaoP6qqOwiV3u9CHdJvfthF3Lv_GHeXcW14Vgz9nR5pb1vlPLMgBc9_8eeyWbrMW1SrHcBe90emQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
dpm.demdex.net/ Frame 43F0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=2b29b5e1-7836-48c4-a896-43668f76f459&r=https://dpm.demdex.net/ibs:dpid=302767&dpuuid={OPENX_ID}
  • https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Server
3.217.99.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-99-187.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-07ad60b71.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rtiegRCBSOM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
p2
ads.scorecardresearch.com/ Frame 43F0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=16b43347-54eb-4af6-9a28-e449f503d935&r=https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=
  • https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
  • https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
64 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Server
13.226.26.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-122.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
Hm6WJhIKtLASVWsMj9IzSK40xG6DYumXA0yZ9MoLZCTpZJEQvJNidw==

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
content-length
137
x-amz-cf-id
oefzlPJDSrilWUx_wYgSbudpIVnoy1eaNduIYMq3yJhg2Ic20W8MBA==
sd
us-u.openx.net/w/1.0/ Frame 43F0
Redirect Chain
  • https://j.mrpdata.net/c.gif?ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID
  • https://j.mrpdata.net/c.gif?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID
  • https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
pragma
no-cache
cache-control
no-cache
x-backend
dmc_hitServer_3_d@j3mrpdatanet
Connection
keep-alive
x-deviceid
b87393dd-0a72-7d24-ffaa-36a562353c63
transfer-encoding
chunked
v1
match.sharethrough.com/sync/ Frame 43F0
Redirect Chain
  • https://match.deepintent.com/usersync/108/
  • https://match.sharethrough.com/sync/v1?source_id=AVk8fCqVz5T6ZMTv987HfHLL&source_user_id=di_174ff51fcf874097873f0
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=AVk8fCqVz5T6ZMTv987HfHLL&source_user_id=di_174ff51fcf874097873f0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=AVk8fCqVz5T6ZMTv987HfHLL&source_user_id=di_174ff51fcf874097873f0
date
Fri, 18 Mar 2022 09:12:41 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sd
us-u.openx.net/w/1.0/ Frame 43F0
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=openx&id=
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=a03f7c10-0fd5-4b5a-ab4c-227b214b18cc
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537115685&val=a03f7c10-0fd5-4b5a-ab4c-227b214b18cc
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://us-u.openx.net/w/1.0/sd?id=537115685&val=a03f7c10-0fd5-4b5a-ab4c-227b214b18cc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
112
Expires
Tue, 29 May 1984 15:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 43F0
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
date
Fri, 18 Mar 2022 09:12:43 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-length
0
x-xss-protection
1; mode=block
impl_v85.js
www.googletagservices.com/dcm/ Frame 8EA9 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 05:04:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 05:04:55 GMT
all
csm.us.criteo.net/ Frame 45A5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=ZB942r6B_In13vMtKmoFPCyKliKwu7L9MtNuU6dVAk4KmnGw8D8LeTRlDRAMIP5CJ42bEiNk8JGQMOLV75s6-bl2tt7QLtOdyCbhFMR0T-xps_ICogAQGCUDiOX6LQSGwzqZ1WvGNjBJ4WYfz-EsXmwc4cd_MNbE4UEx1FHTcJQyueRGef1sweOx8fFd0SsU9RX1Ini9gCN1WfJnJPx0Z2iUKf7q7ouUq8M_djDTG47ih0qpEsetaE4JABE&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd59dJf2JDK1W5x2QuPLIkMwH_jJCePYQ-HV8vWlkdRkx09jUvJHxQY5pWEqdQrbPtbGv8evBDFNQeyalcqMBhmdVCKfA4T3D86hB-mP-KDgQC9Cf0lHZdRFZKReM8HRbWk5eM6dJcyEcIBaqyRvoostaV_7Z6YFYN4kq49i-BgxD_L16NuQXOeotoag13-AL64AZFxbznne0WDhUKOHUde0tj7v_6e9kk7zR5jLJPAaCaKHYd3nfX5-0JbDBoXicfUjnSrvdwjK7In2hbgtDtmQlIt9tG1Kldr4ooyTiH2Jk-0_lusTTTx9ylpueSLXRbqu48saUNVf1r0DY_XJ1LVlOy65HYnUWK1L1JVCVMUURvuppjraRTb3JMouMPos4PCdgY3VybgqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.us.criteo.net/ Frame 999A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=dD7rnr6B_In13vMt5mQ5nPWMgEF9m-48JHPN2QVaZ9tVEYf25E_g6-reJNpZcisNV6BohWw4hY8sZKjnT2ShFqvL3jWlo-RHu3KQmD8G3MAJT72rgOOGB2WDCJmUsr8NV3gZF4MrVBFjr7CJOwHDWgEw-cz4IQS-3eyhUpGtBbck8HAGLfqf1vLDJ92qlnETih0O2-YAd5eJGGSyrTRT8tt1zlqT-_VdMv8ifdSXYop9v1RX5qKs5KxIOpM&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.us.criteo.net/ Frame 8724 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=fVwc8r6B_In13vMtBnTmv8ZGvny8x3_uhPkrHr7LsfWvQgg8_ryfSgAXVP704KZHIYepdYhlCSQESeMbWwvuVFc6HiLsHfuAesXuMKhvYhsd_K5h3a3LcLsSg3Rj3rK6H68PT83F4PhUNqiFKcBGaozSRpBNN0f9Y_L1kAuMdkZ8fuVmkBuZ-iEUhuDLgdEObZNAZlxwLWUtx0px47pzqOY1Ja-Oe5u0Qcj74Xjj8r36jEu-nHsySASg3DI&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0RGe6jbK7fF7ge54NX-9oQX9mQhydLJW10lKsYSCJDGBA1MB1XyiSIoMQKwXHeTjVW6J68CYtFjj83ATLsLS35HsJnm8GGqLqQhp8IY3u2yiILVg0-B2wCIvSRdMvd_xoe6vgNvYpM1p2xEqEAqV_vFAYx8gtZGNC0yEa7xQvDOvkELvRao34kJB9fv7dHog3PlY3y-9uAF5vZp7cd_11LjJOGIkiSr2nptjorP70iDaMCelxXqa1C-My_R63ZnwFCwq3lpmN6f8-Cxl-Uyed-Crkm3GUvVqDtvfdqvN_DzqAo-d-zY4u_mZzD3O6Kowk12G-Cb3x77h7Omjalwq7WsZ3wk91ZWZbk89NwqMOJBtzlBDa3XOXhJn4g_G8n6cIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
dpm.demdex.net/ Frame 889C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=2b29b5e1-7836-48c4-a896-43668f76f459&r=https://dpm.demdex.net/ibs:dpid=302767&dpuuid={OPENX_ID}
  • https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Server
3.217.99.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-99-187.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-07e5af440.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
z02Rl11/SYI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://dpm.demdex.net/ibs:dpid=302767&dpuuid=a3af62ce-bf91-4bc6-a319-d47f8988afbc
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
p2
ads.scorecardresearch.com/ Frame 889C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=16b43347-54eb-4af6-9a28-e449f503d935&r=https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=
  • https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
  • https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Server
13.226.26.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-122.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
UkKbFe9vJHjEqemEfnbMz7v_63u7s4dIEzWviQhdwhYrzzAdH4yo5Q==

Redirect headers

date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1647594760&cs_xi=9e32e468-934c-49f4-91a7-7350f3fd82d0
content-length
137
x-amz-cf-id
0AZnTfEmRAPGizMscbBbnZKIiOVf_wgybHpl_SciC5Lu34ixjM4d8w==
sd
us-u.openx.net/w/1.0/ Frame 889C
Redirect Chain
  • https://j.mrpdata.net/c.gif?ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID
  • https://j.mrpdata.net/c.gif?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID
  • https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537144753&val=4772a281-54c2-ed27-4e45-ed436fda250f
pragma
no-cache
cache-control
no-cache
x-backend
dmc_hitServer_3_f@j3mrpdatanet
Connection
keep-alive
x-deviceid
b87393dd-0a72-7d24-ffaa-36a562353c63
transfer-encoding
chunked
store
match.deepintent.com/usersync/112/ Frame 889C
Redirect Chain
  • https://match.deepintent.com/usersync/108/
  • https://id.rlcdn.com/467756.gif
  • https://match.deepintent.com/usersync/112/store?id=Xc1364jPJ3JftJJ4h_a13mcsPDh7NQiqA4uI8yVkxGNcRBFyw
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/112/store?id=Xc1364jPJ3JftJJ4h_a13mcsPDh7NQiqA4uI8yVkxGNcRBFyw
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

Redirect headers

date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://match.deepintent.com/usersync/112/store?id=Xc1364jPJ3JftJJ4h_a13mcsPDh7NQiqA4uI8yVkxGNcRBFyw
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 889C
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=openx&id=
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=fc66658f-a4ca-4247-ba4a-df423b39f982
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537115685&val=fc66658f-a4ca-4247-ba4a-df423b39f982
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://us-u.openx.net/w/1.0/sd?id=537115685&val=fc66658f-a4ca-4247-ba4a-df423b39f982
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
112
Expires
Tue, 29 May 1984 15:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 889C
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.26d8a320d90f49a8804d4b797198f7e6
date
Fri, 18 Mar 2022 09:12:43 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-length
0
x-xss-protection
1; mode=block
match
ads.betweendigital.com/ Frame 0DBF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26us...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&ssp=between&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7c645530-439f-430f-be08-f3bda86d545b
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7c645530-439f-430f-be08-f3bda86d545b
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=7c645530-439f-430f-be08-f3bda86d545b
Date
Fri, 18 Mar 2022 09:12:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
btw
sync.dmp.otm-r.com/match/ Frame 0DBF 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:42 GMT
server
nginx/1.17.4
btw
px.adhigh.net/p/cm/ Frame 0DBF 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/btw
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.142 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp3.sender.ltmse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
x-kick-from-dns
true
server
nginx
content-type
text/plain
match
ads.betweendigital.com/ Frame 0DBF
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=6c08c9107bed88b791eade9c
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=6c08c9107bed88b791eade9c
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 18 Mar 2022 09:12:42 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=6c08c9107bed88b791eade9c
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usync.js
eus.rubiconproject.com/ Frame 320F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 2181 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sd
u.openx.net/w/1.0/ Frame 2181
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid]
  • https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 2181
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562539&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D545637763%26val%3D%%VGUID%%
  • https://us-u.openx.net/w/1.0/sd?id=545637763&val=L7vYUGFfiEMQ&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=545637763&val=L7vYUGFfiEMQ&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://us-u.openx.net/w/1.0/sd?id=545637763&val=L7vYUGFfiEMQ&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
sd
u.openx.net/w/1.0/ Frame 2181
Redirect Chain
  • https://dm-us.hybrid.ai/match?id=184&gdpr=0&burl=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D544034803%26val%3D${VID}
  • https://u.openx.net/w/1.0/sd?id=544034803&val=c0ae426b489297186644
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=544034803&val=c0ae426b489297186644
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
server
Hybrid Web Server
location
https://u.openx.net/w/1.0/sd?id=544034803&val=c0ae426b489297186644
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
420
content-length
0
x-xss-protection
1; mode=block
expires
-1
all
csm.us.criteo.net/ Frame 9E96 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=d9Pm9r6B_In13vMtyHbL3YLNswDk7u_5KyZPq2F5JDYZTmr2nVA8McLjIR7kdwRatr6MT3m2WfYvoSj4RR_M59n36zSW7a2unGSB21fQzidMLUnY6t_QTPV6lnqf4KImBWB81K-OO26Dx4rEJZdPria8k3wyIgFiVXie32FTsRSm2iSezLmmiTLuA-kZ-_Xa7t9C0tHzshoXxh5U8hfBVjDniNFqB_nsie0ZKUL32JJpRFt3aBPDe7xe6Z0&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame A4C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sd
u.openx.net/w/1.0/ Frame A4C6
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid]
  • https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
date
Fri, 18 Mar 2022 09:12:42 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame A4C6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562539&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D545637763%26val%3D%%VGUID%%
  • https://us-u.openx.net/w/1.0/sd?id=545637763&val=0b9r5uPyhAf7&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=545637763&val=0b9r5uPyhAf7&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://us-u.openx.net/w/1.0/sd?id=545637763&val=0b9r5uPyhAf7&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
sd
u.openx.net/w/1.0/ Frame A4C6
Redirect Chain
  • https://dm-us.hybrid.ai/match?id=184&gdpr=0&burl=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D544034803%26val%3D${VID}
  • https://u.openx.net/w/1.0/sd?id=544034803&val=6ab1b5ef30496335114e
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=544034803&val=6ab1b5ef30496335114e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
server
Hybrid Web Server
location
https://u.openx.net/w/1.0/sd?id=544034803&val=6ab1b5ef30496335114e
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
422
content-length
0
x-xss-protection
1; mode=block
expires
-1
css
fonts.googleapis.com/ Frame AB97 		5 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 09:08:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:42 GMT
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 05A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sd
u.openx.net/w/1.0/ Frame 05A5
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid]
  • https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?id=537106470&val=8297679604156303488
date
Fri, 18 Mar 2022 09:12:41 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 05A5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562539&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D545637763%26val%3D%%VGUID%%
  • https://us-u.openx.net/w/1.0/sd?id=545637763&val=0b9r5uPyhAf7&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=545637763&val=0b9r5uPyhAf7&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://us-u.openx.net/w/1.0/sd?id=545637763&val=0b9r5uPyhAf7&ev=cd1a1122-b2b7-463b-8eb5-34edcd0f9eea&pid=562539
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
sd
u.openx.net/w/1.0/ Frame 05A5
Redirect Chain
  • https://dm-us.hybrid.ai/match?id=184&gdpr=0&burl=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D544034803%26val%3D${VID}
  • https://u.openx.net/w/1.0/sd?id=544034803&val=9ddb4a18436a2667174f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=544034803&val=9ddb4a18436a2667174f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
server
Hybrid Web Server
location
https://u.openx.net/w/1.0/sd?id=544034803&val=9ddb4a18436a2667174f
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
423
content-length
0
x-xss-protection
1; mode=block
expires
-1
/
crta.dailymail.co.uk/ 		8 B
450 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.11 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
server
http-to-kafka/0.8.11
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Fri, 18 Mar 2022 09:12:42 GMT
all
csm.us.criteo.net/ Frame 42DB 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=JsJCTb6B_In13vMtSPBHJC8_YOJWJMcNz9vzN5nrm7ZZu9DESdGchWfc1Gu3E_EAPXQ2dgK3N35I1KFsowHUEbHHyzIyUk7rYv6bQMkLH-osqDmtQZJxAgKuAEf1rGu5n9g-1rpdz4OVJ-yC9hE20Y2F9j2zOsulkIqb5kmFXeF-ZYQhuVTctMjjiHwQ1ismfnBWwH-w-HpnnVAAZ0V61J4JL06oxFFSM3KuhbecCENJeQtjl10qZGEknJc&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0WCol5mckK-q4JimNFPd4cRUoZ9RTqiYTWECGJIefmpz3hYwS2CnTt8wEllUVHGxI5aB0ISODDPK5B7tfp8ZU47YZJVQ8VnAvPXMP2Zdr2ULnRsJJUbPc3RUtI0do8VYjxoquhZjhSm7ESO_7rvrSJhf4ndQyea1AT73OFPs5PpY7cOFi9F5u-M7Wk8coch0gySfZUrMYj7MjBZOsfp_X5nupd10krpLGoz2FkUKLRXQ8HMrGphBYkxkpo5ctIN2qk5Hz-0HPDI8ovypRv2TPgk7aIReJ9NNELwrMc3sgqe-oXsuLww6cK-7v2kDNjWC1eFZSy2cZMlz5s2WQopZbyZi25l88ppWALtfmlArti12-mhqsMtTr69zqJB4loCB7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.us.criteo.net/ Frame C95D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=n2c1L76B_In13vMtVM4fS82-Xwxgdm7AO95dm_2bHlYfMvfHhbOr4qgSq-di1_VxSb1ZAtRqOUzVC73APDQ1yuQIyaiCR_gwF85qOO9q4JGTJZjRFxntw8cxVz2hghtflJgsrLK5tb5_BUoxm0qY6CJ5FI4IOZfrPWP0WVGYHo6FpuQzvFISydScqV1qN8nFhCBbWDZGwLRxVEMh7Mj-euXKeE_3DLcfu5Ain9fYw8QYTuIvFb6dOmEPzR4&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0SJgxfGNmJyKyVfuQ7lJwHrG2B0A9NacDp5lAIFVqAnA8gizii_EM9yQS4ob3nM6V4-Siw_iGAPm5JU-lHLP5ODTb0UpGpJ6mMwFBbxevc3vzhIjCp8QqZAnHnlBgbr7ZDeEvPRZ9xl4F4GGqlmdcX3ZI8P9MEIQjWYrZ1p2x8dRFEejMxpfgA2eCFH5MocMqBVqJZ3wNm0nN8U5Q3kbFeB1_A4_UM5wANIwMby3RbLHt1ocFxH67c24wawULBnzvCr1gTdhhVatDES_DnCTSOHC4OkCMoeNfEPTHToGxiMARbD2QBcDDlNB6VYNszUis0EEJyVIM2MdmCQpOILhK6Q1-cTW_d-scyUJ-AVpV7zJN8pIn9mpvdmFvl1t0yG0Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
usermatch
ssum-sec.casalemedia.com/ Frame EC0A 		2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fcd3a9395aed4284facfaa5663eebc9e86197bd9cb7b16c2b57bb46720e92f99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
123|188|17|221|57|230|13|131
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 18 Mar 2022 09:12:42 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
Content-Length
1821
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame CFB0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usync.js
eus.rubiconproject.com/ Frame A9CC 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usync.js
eus.rubiconproject.com/ Frame 1BB1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usync.js
eus.rubiconproject.com/ Frame F695 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usync.js
eus.rubiconproject.com/ Frame 5023 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usync.js
eus.rubiconproject.com/ Frame C1A8 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usync.js
eus.rubiconproject.com/ Frame C364 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
usync.js
eus.rubiconproject.com/ Frame 74CD 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
csi
csi.gstatic.com/ Frame 8635 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l0w7dnsa&c=7778057433221&slotId=3889028716610.5&fb=ima_html5-lima&sdkv=h.3.505.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=20&vhc=0&ghmsh_eids=44737475%2C44750822%2C44758374
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame EC20 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=k23LxL6B_In13vMtF7A1Vlosp-lp548zp0WNKbY_KSO6NSBF7mnOfTyYjSUBGoqKsyerOgVJBEALxe6Q9NIu-CnnWAH6C_PtttXwvWC5JKmRhl_cO6gWmGfQpEIaoKB2AP26vY8b19Py520e4ppuqsIjKkhAJ43Ysmqo1P5jcqb80Q0CByN4IggT5mxybOwxM_ctvMaBCCm_hJoyEJvMWF14mSeFgpF1Ny_t7dQy7em8dZlCZ7bolzKgaJQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.us.criteo.net/ Frame AB97 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=G2MgWb6B_In13vMtdoxUyV3ffQLfIQulqXq4KCKgl444OdCupp2jvxo7tyHvuw8jQijs9wprgiKBNvUJIiL5R1_vad95ye4vxf-l8TPGpLTdQrsILAOhghkQqLh_tkor_heeBKr5DKJD2gnuDbsoaQkz1g_gmp8jcaH_pCXp8TR8E-ZHKfZOw8tHniCimT4IZu7os4eN89FQ6K12UnQdDBkKBrJoKOTB0tk7Keiu-Irao4aCIm-u_jU7O-E&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0TwPC-JdM5_0iTPZnnVQxJ6CxgBBc_DIBmUkF92u0kKU_zYhPeXCyRPw_LshjiQL9LEQcN-VO81fW0FDCQkc3Nv5yi72JvsPD1fVyC1vXhjNnq4h45aAdZtr1SaYunqwKI4h8XmheCghwkqueYITCPynIkwUW0gLFixMKigKbh6Fwf8W_SQA9FNEiFGiHUvSGMxmH7UZWTqd1WZe2NWLJCVUxbm4T-a5RTsdg79c7gHTe0Qh7Tzn3m7lBZ7euufewv-hKhNFvqLwOzwzrMedKAiyDm8CjydsiD0dYb2-W4_QhISHdt1xFsOYHX25zx3kKznCPl-xjqA04oKQrb3lpimyBRFm7HSjba03oN6k5WtmYWLZKcvxhGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
usync.js
eus.rubiconproject.com/ Frame EF5F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
vevent
nym1-ib.adnxs.com/ Frame C89C 		0
831 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2F&e=wqT_3QKfD_BMnwcAAAMA1gAFAQiEmtGRBhDB95q006XI5yAY3cTIz6ry1aBYKjYJ4xo8n0MRlT8RhACdVRVBkT8ZAAAA4KNwzT8hhACdVRVBkT8p4xoJJPCfMQAAAEDheoQ_MMmN2ws4mFBAuGhIkQRQhbG2nAFYuauXAWAAaLjhuQF4_6sFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHGh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay-AAwCIAwGQAwCYAxegAwGqA4cLCt0KaHR0cAEy8LB0cmFjZS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD1iZWQ4NzI3NWU2MTI1YzJjOTk5ZTE4ZmI5ZDRiYzA4NCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF8yNwAMQklEXwE2CGFkXzIYAABBCRcFkwwmaW1wAR5oMjM2NDE0NDgwNzQ2NDg0NDIyNSZwcmljZT0kFYfwT1BSSUNFfSZ0ZXN0PTAmdGltZT0xNjQ3NTk0NzU2JmFkcD10Nnd4N0FlZ2s4S2MxSDlyTFVTbGtXd0wxcWJ3TXZ3d0JJRkQ2M2c5YzBBJmRzCXn0QwUyJnVybD1UZFBVZ3d0R2lSenpHQ0lFbHJVUWNIQjg4c1VBMmp6eVU3aVUzRF9pSDYtYWVZQXNiMUN4aDJlSTU1b3VvRWF6ZTFzczFzN1NIUHR2RUhNQ3cybFlYWG53U3dCbE9hZ0hqcHdLeWdFYV8wblk4OHQ5eWdhcjQ2T2kzZ3MxWGhpblJkS2R2M1VpNWZTZndRc29DN1M5eE1tSzdGS0JFZ0RfSDRqMVN6X205NVBSWTdmRlhDWHgyM3l1cnpiRXd5aVFMTGMwTVZmUDFXUmNYaVFMRW5fSHNsa0FDUDViaTBrUy1uODNZcTFTSFlRSXY3X0l4OW13UEQ4cVRqYm0zb2Q5dEU2MUllTTItUGh6blc1U3VHUFZSYWpfNWhQX3NzRFFkdnMtQXVTR0F3SFpGVUwxb1ZCSExCY1M0X0lEUlp4dzloR1lWVFpNTmtZUTd5SFlXR01vcmgxX1lDYWtyZ3pqblBZTmRKQ0Q3QkN3NUZYSWhEX0RfUk5vQWNKWmxNNllaVW8xdUhta3FLZVVUbGRyTDdLbWZPbHZybXlqbnF5RGJ6QWxVZ2tZZHg4OVlYTURSVzAtbWR0RmRjbEpma05yQWZveXZ2WUVtWmZZZnBXNFJtYi1sX1pmd3E0MHJPb2s1aHBLTkF4SnY3MTZfSWQxSFBPMUxPSG1DaGJvUmJVSnBQTlVQUHBiSkN1Mkw4Q0pReVcwZmdhdGdmWjRpMEllYW93ZEZHaVI0R1NkN0U2eDFlZVVDUV9vQ25aMlU4STgzbjF5dmIwNTdxWDVoLWVESDJqV2tQbWx3X09xZFhwZkVMVnQ2R2ZTektWYm94YXU3LVVSZ0ttaG5XTjFxLW51Tl9RRi1NZzdjOHpVUEduXzg0aFJMbUhJZlR1OGxMRE5ueGYxYnczU2dOM1k2VUhkN3VyYnI4aGZycHo5aEhPR19hUkdKZzN4NFFtRENvSWM3MkVieFI2X0VKUTlHd2o1cjZ1RnZ3OG5sX2l5cFBqbDNGY0lYZmc2WE11emZ5Y2ZTWlhqcERJV2JoeWgtX3p2MnBpaFN2S0VObjR1OHpnQ3QxMnNkMkdmNGVHWDYtaFllQ0hiLUpra3JOSzY5NFI1Q1E5Y3cwb1Fsb0swbC1hcHlsTkRZS0dXM1dDSldRY1FET0FlQmd6b2EzOXQ2NnhsMm9LQnlQbXJFOTBxZV95ME1IVnN5aEN6cm4wQlRHbnNoTFNnYVZZQk53V3BMUUVGbWFxV0hyRHFQR3d2M1JDazc1RDBoY1lXcU5rRVpPQmEzRWlxUFhkMDdELXVNak5mVndXMjBQbFo5Ti04Q3ZHVWN6aF8yTjBia0xnGhMyMzY0MTQ0ODA3NDY0ODQ0MjI1IgkzMjgwNDY3MjUqBTEzMzY4wAOsAsgDANgD3RzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQLOTYuOS4yNDkuNDKoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIWxtpwBiAUBmAUAoAWww4i8kvbI0w3ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWz5D36BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9oGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBzExNDM2MjC6Bw8IABAAGAAgADAAONweQADIB_-rBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHsfD4BYoIAhAA&s=528bc2363216385e0d304da7c2670604a140a6cc&type=pv&jm=1003&px=0&py=1&bw=298&bh=174&sf=1&sid=2140665411369492194&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24561353&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.121 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windaloop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 578.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9cf4b428-396c-4cec-97f4-cca72ada4691
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://windaloop.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 3679 		0
0
v1
ads.yahoo.com/cms/ Frame 4C05 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 4C05 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 3679 		0
0
v1
ads.yahoo.com/cms/ Frame FE3A 		0
0
v1
ads.yahoo.com/cms/ Frame 1B2D 		0
0
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 42DB 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:04 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:04 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame 42DB 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:18 GMT
x-content-type-options
nosniff
age
499224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Mar 2023 14:32:18 GMT
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame C95D 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:04 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:04 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame C95D 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:18 GMT
x-content-type-options
nosniff
age
499224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Mar 2023 14:32:18 GMT
spp.pl
sp.analytics.yahoo.com/ Frame FE3A 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 1B2D 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame AA80 		0
0
v1
ads.yahoo.com/cms/ Frame AA80 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame B6E6 		0
0
v1
ads.yahoo.com/cms/ Frame B6E6 		0
0
async_usersync
ib.adnxs.com/ Frame 6BE3 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1b5d452b-95ca-4b25-85ff-6e2486937811
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AC9C 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b5c4fe55-8293-478b-ace7-66b40c0184e0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
spp.pl
sp.analytics.yahoo.com/ Frame 0E8E 		0
0
v1
ads.yahoo.com/cms/ Frame 0E8E 		0
0
rtb-h
sync.taboola.com/sg/rtbhouse-network/1/ Frame 3D13
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32205

Redirect headers

location
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=5sXF81LhMv9MWGJQujci&pi=taboola
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT, Fri, 18 Mar 2022 09:12:42 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/ Frame 3D13
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32883

Redirect headers

location
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=6359460436251910749brt57461647594750670190ab
date
Fri, 18 Mar 2022 09:12:42 GMT
content-length
0
content-type
text/html
syncb
sync.bfmio.com/ Frame 3D13 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/syncb?gdpr=1&pid=170&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.97.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-97-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Mar 2022 09:12:42 GMT
async_usersync
ib.adnxs.com/ Frame 9509 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f78269d6-f4a7-4624-bce6-b96cb21b6ff9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0D52 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2e45f4f5-f908-4c9b-8988-aaf9b9321f05
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3560 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
01fbc92a-6ca8-4e32-9d8e-5a1d634ac90c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4544 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b9c3a172-e0ae-49a1-96e6-b4de8c6b3c55
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidder_18.html
cache.betweendigital.com/code/ Frame ABC7 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&CACHEBUSTER=957517
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.31.113.18 , Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:43 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
x-cdn-edge-cache
HIT
x-cdn-edge-id
314
x-cdn-request-id
6641e585ebb4af78dbd9c168d2eae640
usync.js
eus.rubiconproject.com/ Frame 94D2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22106
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
async_usersync
ib.adnxs.com/ Frame 8D68 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ead108da-d8b4-4800-bf86-acb0e4bd5e4c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 6DB4 		2 KB
561 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e5e148a6482560efb2b4727dc197aec735495698a07578b5801814f869f72a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 08:17:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:42 GMT
async_usersync
ib.adnxs.com/ Frame DB29 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3023243e-4353-442c-bdec-813594f9977e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
spp.pl
sp.analytics.yahoo.com/ Frame DC3B 		0
0
v1
ads.yahoo.com/cms/ Frame DC3B 		0
0
async_usersync
ib.adnxs.com/ Frame 3FB2 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fbe9903e-cae7-4529-8463-61ae3615e07a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6C30 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
56daf0d3-104e-486f-96a4-bd746b636888
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame EC20 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:04 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:04 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame EC20 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:18 GMT
x-content-type-options
nosniff
age
499224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Mar 2023 14:32:18 GMT
async_usersync
ib.adnxs.com/ Frame 6F6C 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5cc4e6ea-4ade-49e5-9579-64902f5a56c4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
spp.pl
sp.analytics.yahoo.com/ Frame 2472 		0
0
v1
ads.yahoo.com/cms/ Frame 2472 		0
0
async_usersync
ib.adnxs.com/ Frame 4445 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ef099290-71e9-4aa1-a1bb-37fe5b6b9914
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
spp.pl
sp.analytics.yahoo.com/ Frame 2EDB 		0
0
v1
ads.yahoo.com/cms/ Frame 2EDB 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 4F58 		0
0
v1
ads.yahoo.com/cms/ Frame 4F58 		0
0
csi
csi.gstatic.com/ Frame 2831 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l0w7dmy0&c=7778057433221&slotId=3889028716610.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0B98 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:42 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0d5657c3-86ce-429c-85ef-6043dcc46c6f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame AB97 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:04 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:04 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame AB97 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:18 GMT
x-content-type-options
nosniff
age
499224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Mar 2023 14:32:18 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame 45C3 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:18 GMT
x-content-type-options
nosniff
age
499224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Mar 2023 14:32:18 GMT
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 45C3 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:08 GMT
x-content-type-options
nosniff
age
134554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:08 GMT
sid
mug.criteo.com/ Frame 54A9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=RBL1QHx6UjNGbjFuaUtZeEwySHdkeDhaTExXMHgzdkNyTU9VVEFqTGJKTmdHRm5rNFRzUG1KbmdtbGZMem9ielZZd2h0eFJaVUJ6RkVJNkVzVHFNZG1HV3BKLzJBcUtXTVJ2MGVJaUErdVJxdWdJS2ppeGV1UGtMK2JhTG...
433 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RBL1QHx6UjNGbjFuaUtZeEwySHdkeDhaTExXMHgzdkNyTU9VVEFqTGJKTmdHRm5rNFRzUG1KbmdtbGZMem9ielZZd2h0eFJaVUJ6RkVJNkVzVHFNZG1HV3BKLzJBcUtXTVJ2MGVJaUErdVJxdWdJS2ppeGV1UGtMK2JhTGQ0RllxVjJzZk5CSlUyd3ljdmNkZFRpZ1p4SHhpa2pBdGQxcE9FUUR4cnJySjRvOVhTVGNmNTdVN3Jua1piQ1lSczJrcmcyb29lYnpteDBtME83WmVNZlpPUTFsRkVpWWx5VWxtaTdjTWdlQ091SlZBRjFLUE9UNW50Q2Eva211SUhPOEo4SUg4MnJyenZTUnlvVFhTMG8ybjRyZ0ttSTlxcnpsTERBMWkxMm82djUwZWlSMD18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
3345bd3bcdf3a06c164844c0f7d2ffb12d5a2e86b78fee0aa36642359087aeb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3805
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=RBL1QHx6UjNGbjFuaUtZeEwySHdkeDhaTExXMHgzdkNyTU9VVEFqTGJKTmdHRm5rNFRzUG1KbmdtbGZMem9ielZZd2h0eFJaVUJ6RkVJNkVzVHFNZG1HV3BKLzJBcUtXTVJ2MGVJaUErdVJxdWdJS2ppeGV1UGtMK2JhTGQ0RllxVjJzZk5CSlUyd3ljdmNkZFRpZ1p4SHhpa2pBdGQxcE9FUUR4cnJySjRvOVhTVGNmNTdVN3Jua1piQ1lSczJrcmcyb29lYnpteDBtME83WmVNZlpPUTFsRkVpWWx5VWxtaTdjTWdlQ091SlZBRjFLUE9UNW50Q2Eva211SUhPOEo4SUg4MnJyenZTUnlvVFhTMG8ybjRyZ0ttSTlxcnpsTERBMWkxMm82djUwZWlSMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2221
content-length
567
expires
0
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame F5EF 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:18 GMT
x-content-type-options
nosniff
age
499225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Mar 2023 14:32:18 GMT
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame F5EF 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:08 GMT
x-content-type-options
nosniff
age
134555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:08 GMT
sid
mug.criteo.com/ Frame D218
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=X64tgXxzdy9hYmZ2TFdJOXVJeDdCajZzNmNCeFp2VDM4UHlrdTJwR0lWVmdWT2h1MHAzeER6Z1luMTBBd0IvU0Z5T2cvYVpGVVowV3E1MCtTdHZycUhMOHUrVWYxQ0FSR0RhVGNjVkpwam1tcW44OWF1SVRhTE9SOUdLYT...
422 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=X64tgXxzdy9hYmZ2TFdJOXVJeDdCajZzNmNCeFp2VDM4UHlrdTJwR0lWVmdWT2h1MHAzeER6Z1luMTBBd0IvU0Z5T2cvYVpGVVowV3E1MCtTdHZycUhMOHUrVWYxQ0FSR0RhVGNjVkpwam1tcW44OWF1SVRhTE9SOUdLYTNTTXhCUlhTaXhUM0diN0U1MmhXZkpWbWNuK1ozdmtwRWFiZXFZdGZUNlVEN1lnY2o3dXZsVXoydHQvUi91QWI0ME4yVkVPSWFpOWVPcU1jV0d1R2JpQlBlc2VPNmVXOVExN295ZUpGdmpiUGJHTmpmcXNRTFBzb00vU0ZsdUQ3aVZLcnRLY3l2cG9mYW5vOGdKbFdLeDhmaThWdG0xWG51d0tBVUk1djlxWE9YZSszcGxTTT18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
42bb7cd4fb297cc8dd71b73ca7039ad4b1a4aacb9bce0072620ad8f8746e4b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3748
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=X64tgXxzdy9hYmZ2TFdJOXVJeDdCajZzNmNCeFp2VDM4UHlrdTJwR0lWVmdWT2h1MHAzeER6Z1luMTBBd0IvU0Z5T2cvYVpGVVowV3E1MCtTdHZycUhMOHUrVWYxQ0FSR0RhVGNjVkpwam1tcW44OWF1SVRhTE9SOUdLYTNTTXhCUlhTaXhUM0diN0U1MmhXZkpWbWNuK1ozdmtwRWFiZXFZdGZUNlVEN1lnY2o3dXZsVXoydHQvUi91QWI0ME4yVkVPSWFpOWVPcU1jV0d1R2JpQlBlc2VPNmVXOVExN295ZUpGdmpiUGJHTmpmcXNRTFBzb00vU0ZsdUQ3aVZLcnRLY3l2cG9mYW5vOGdKbFdLeDhmaThWdG0xWG51d0tBVUk1djlxWE9YZSszcGxTTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1888
content-length
567
expires
0
all
csm.us.criteo.net/ Frame 6DB4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=lLmZob6B_In13vMtNQHOHiugvmZhuip7oyMF4dQi_IIjPOYYjlGte-8q1kmlVN7XZskEbuIDS7LDGWlUyH7ws-vAOhhWE-YorwUEcE-CrXT-KNMIjGGwGZhE5QJM5M8LLzvOgPMOZD2skil3GVmoZVWJKsYI7qkL_a1gx5RdJifne3R6v0u7IR9OtM0tE7NQmrsT-anOlNyw_YkN8GtOiL0os6RwYaaSVwtjeQyF-PlKJW_QbpTSLogZcxE&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sid
mug.criteo.com/ Frame 4BA1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=zgWUgXxIUkd2TFU2ZmlaakFKTURZbWVzaUtOSGUxWTVMUVc3a3M4VUh2aEkzRUF2K1RNRHJacllzQ3hsY1dKeTFhSFgvVlpLUUpTMHVWYW5tdERYOWRNcW9XTFlKVHFEZkV5bE1qNTFrS0hVRW8wZ0xuNGNtNEJ5aWx4Ti...
422 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zgWUgXxIUkd2TFU2ZmlaakFKTURZbWVzaUtOSGUxWTVMUVc3a3M4VUh2aEkzRUF2K1RNRHJacllzQ3hsY1dKeTFhSFgvVlpLUUpTMHVWYW5tdERYOWRNcW9XTFlKVHFEZkV5bE1qNTFrS0hVRW8wZ0xuNGNtNEJ5aWx4TitmUmpaNFNSc1FVK2NCM3VyVmd6MVZ0VW9iZHNwNXFoZmc1eDd4SDFNbE1LdFJnRFlqNmxuNzZ3bG90bGx2SStWR0FHaWdST1ltYUxVcUtYQmN3TXhOUHdPZ3FwMHREZGt6R2RCNllKSUczWHFSTXcxWW1sVzBaZVZsS093eUF4MVR5WFJtTkVSakRWQ2FwajVtcFpVZG1jNUhhV2Q1cTY4Zm5rS0dMaTBpK3c5Mzd6VmYwdz18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
d431ab739b2387932cde2fbf209661ccca549cfaa8cee9a171a16dc3fc537f1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3558
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=zgWUgXxIUkd2TFU2ZmlaakFKTURZbWVzaUtOSGUxWTVMUVc3a3M4VUh2aEkzRUF2K1RNRHJacllzQ3hsY1dKeTFhSFgvVlpLUUpTMHVWYW5tdERYOWRNcW9XTFlKVHFEZkV5bE1qNTFrS0hVRW8wZ0xuNGNtNEJ5aWx4TitmUmpaNFNSc1FVK2NCM3VyVmd6MVZ0VW9iZHNwNXFoZmc1eDd4SDFNbE1LdFJnRFlqNmxuNzZ3bG90bGx2SStWR0FHaWdST1ltYUxVcUtYQmN3TXhOUHdPZ3FwMHREZGt6R2RCNllKSUczWHFSTXcxWW1sVzBaZVZsS093eUF4MVR5WFJtTkVSakRWQ2FwajVtcFpVZG1jNUhhV2Q1cTY4Zm5rS0dMaTBpK3c5Mzd6VmYwdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1916
content-length
567
expires
0
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame 8724 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:18 GMT
x-content-type-options
nosniff
age
499225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Mar 2023 14:32:18 GMT
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 8724 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:08 GMT
x-content-type-options
nosniff
age
134555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:08 GMT
sid
mug.criteo.com/ Frame A690
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=0lXfrXw1UHBBK09oQSswL0VIZHRjekZMWmM1cHpvUDhERS9XY09tTDhkQmNoZjFFb3RrdnBjbHZtNXNtQVpXUVBLeURKS21rYTJYS0pValJmdzE3bkFIK2F5U01KbGFYOEl3MStFanBnMWt6MHBTa0ZsZVdEeW5CL1hsRV...
428 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0lXfrXw1UHBBK09oQSswL0VIZHRjekZMWmM1cHpvUDhERS9XY09tTDhkQmNoZjFFb3RrdnBjbHZtNXNtQVpXUVBLeURKS21rYTJYS0pValJmdzE3bkFIK2F5U01KbGFYOEl3MStFanBnMWt6MHBTa0ZsZVdEeW5CL1hsRVB0c0svZ0hwVG9ZdXNkWW1zYy95cTJDRHRleGwzOWdvNjllY28vNGUyeVhSZU5FdnBNZjByMTlTRkN0S1NPeFpqSWhIdThFSk16YzcyeDRrVFE1ZlhzTU93RFB4aVAwMnJtRVgvY1I5V2d2RTY4b1hDRzNmYTR5WDhwM0Z0cDNZUUk0eUs4dWdCRlBYZGJURzFCMnFYVktEUFRCQ3VOWVBzc0I5SlpoeHJsNWQ0Rk54d2oxRT18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
06da08696d716d733745c2e0a1a6c1ce53d6e3f47c985fb2f874c2ff2b98c5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3577
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=0lXfrXw1UHBBK09oQSswL0VIZHRjekZMWmM1cHpvUDhERS9XY09tTDhkQmNoZjFFb3RrdnBjbHZtNXNtQVpXUVBLeURKS21rYTJYS0pValJmdzE3bkFIK2F5U01KbGFYOEl3MStFanBnMWt6MHBTa0ZsZVdEeW5CL1hsRVB0c0svZ0hwVG9ZdXNkWW1zYy95cTJDRHRleGwzOWdvNjllY28vNGUyeVhSZU5FdnBNZjByMTlTRkN0S1NPeFpqSWhIdThFSk16YzcyeDRrVFE1ZlhzTU93RFB4aVAwMnJtRVgvY1I5V2d2RTY4b1hDRzNmYTR5WDhwM0Z0cDNZUUk0eUs4dWdCRlBYZGJURzFCMnFYVktEUFRCQ3VOWVBzc0I5SlpoeHJsNWQ0Rk54d2oxRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2315
content-length
567
expires
0
singleadvert
gsm-adverts.betstream.betgenius.com/ Frame 8555 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_MarchMadnessCBBPickNRollMar2022_300x250&pubhost=windaloop.com&apnauc=3747064854672751328&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FTwE8aW1poj_q4uu2BDaTPwAAAOCjcM0_BW7bgwmNmj817zhFR3KpP-C6Hu2hPwA0XSLyqZJXQVgETTRiAAAAAMnGdgEYKAAAmBwAAAIAAABzT4UTudUlAAAAAABVU0QARVVSACwB-gC4cAAAAAABAQUCAAAAANwA-COcYAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21mxOJpAjtqMoYEPOelZwBGLmrlwEgACgAMTMzMzMzM-c_OglOWU0yOjUyNjlA7y1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjUyNjk%3D%2Fbn%3D90745%2Fclickenc%3D&client=NBCSports&dspid=3bc1d7fd2e&placement=DDM_APN_US_Sports_ACQ_300x250&bidid=3747064854672751328&_cb=1805027443
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2e700e06809391598e26dc71fa67eeec4e4497632163cbe21665f2357f37e94d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ssl.connextra.com/

Response headers

server
AkamaiNetStorage
content-type
text/html
etag
"c05bfa4ae33780eb4c0d3e0a8ce4f9c0:1643387661.045732"
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=33
date
Fri, 18 Mar 2022 09:12:43 GMT
content-length
1167
sid
mug.criteo.com/ Frame 756E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=xybQpXx6c3NrcnVIczlzR1FOUnpURVdGNy84MlZUaXg4K1VpaTFCbzFmbWlYdVA0Z09LbEFhd2lrSEI1dzMwdE5ROWlFM0l4SVJQNG9HSTd6SWIrMUI4eTB5V3NIeTJ6TFRSNDdHMm1mZ29Ub1VIS0tqZU1YcWZhbFY0dk...
422 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=xybQpXx6c3NrcnVIczlzR1FOUnpURVdGNy84MlZUaXg4K1VpaTFCbzFmbWlYdVA0Z09LbEFhd2lrSEI1dzMwdE5ROWlFM0l4SVJQNG9HSTd6SWIrMUI4eTB5V3NIeTJ6TFRSNDdHMm1mZ29Ub1VIS0tqZU1YcWZhbFY0dkluTHFKMHBhSXczVjIrNHZaZlJSM0hkOHpHS05hcktVbmRXV09DbWJDQjNWRXIxcnJ4VUR4RXo0TzRtWUNtWmNteDVwZGlVWFg3cHNFK0tGem9IVU9zNWQ0SHlzT29Gb0FaTHcwaUR2djVuWk9aR2VGU2NBdVFtYjZaTG0ybzJrbXErMG1QY0czVHpmeUFCTi81TzI2aktEV0tscks5aklISlBhVWlPeTFOOVBxSG1zZDBXUT18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
0c0028f43e8a3d9e5eaa6619397af03b109c174fb343946692d6b0af4deab653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3533
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=xybQpXx6c3NrcnVIczlzR1FOUnpURVdGNy84MlZUaXg4K1VpaTFCbzFmbWlYdVA0Z09LbEFhd2lrSEI1dzMwdE5ROWlFM0l4SVJQNG9HSTd6SWIrMUI4eTB5V3NIeTJ6TFRSNDdHMm1mZ29Ub1VIS0tqZU1YcWZhbFY0dkluTHFKMHBhSXczVjIrNHZaZlJSM0hkOHpHS05hcktVbmRXV09DbWJDQjNWRXIxcnJ4VUR4RXo0TzRtWUNtWmNteDVwZGlVWFg3cHNFK0tGem9IVU9zNWQ0SHlzT29Gb0FaTHcwaUR2djVuWk9aR2VGU2NBdVFtYjZaTG0ybzJrbXErMG1QY0czVHpmeUFCTi81TzI2aktEV0tscks5aklISlBhVWlPeTFOOVBxSG1zZDBXUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1820
content-length
567
expires
0
imp_confirm.png
adservices.brandcdn.com/pixel/ Frame 4E08 		68 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservices.brandcdn.com/pixel/imp_confirm.png?aid=249101&cid=2711281&buid=09a7be08-91dd-4f04-a167-a1ac372be137&m=aax-us-east.amazon-adsystem.com&r=&crid=8229084&oid=56051924
Requested by
Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/imp?aid=249101&cid=2711281&imp_ck=09a7be08-91dd-4f04-a167-a1ac372be137&m=aax-us-east.amazon-adsystem.com&r=&crid=8229084&oid=4932764&impid=e923d3a7-f3e2-4649-b0ed-1bb25a32adca
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.144.122 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-144-122.us-west-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://adservices.brandcdn.com/pixel/imp?aid=249101&cid=2711281&imp_ck=09a7be08-91dd-4f04-a167-a1ac372be137&m=aax-us-east.amazon-adsystem.com&r=&crid=8229084&oid=4932764&impid=e923d3a7-f3e2-4649-b0ed-1bb25a32adca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Fri, 23 Apr 2021 14:43:33 GMT
server
Apache/2.4.29 (Ubuntu)
accept-ranges
bytes
etag
"44-5c0a4d1fc7d19"
content-length
68
content-type
image/png
generate_204
tpc.googlesyndication.com/ Frame 478E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zYtHUg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame 999A 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:18 GMT
x-content-type-options
nosniff
age
499225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Mar 2023 14:32:18 GMT
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 999A 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:08 GMT
x-content-type-options
nosniff
age
134555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:08 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame 9E96 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:18 GMT
x-content-type-options
nosniff
age
499225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Mar 2023 14:32:18 GMT
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 9E96 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:08 GMT
x-content-type-options
nosniff
age
134555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:08 GMT
sid
mug.criteo.com/ Frame 2BC6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=IhfZvXwzN1lzNUoyY0ZLZ284Z0JjZ0s1VitERE5SS1hHTlh5NVBpVS9QdC8rN3Z2SzRXcCtzTFpZS0JNRlBVbE5sTTRFUEhaZDFaTHJxd3drQlpDQ1lGRUh3WGNxM0tVV3M2VXRJUzFtRk9MaC9KcWgrSkhLQTdVZTYxan...
427 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IhfZvXwzN1lzNUoyY0ZLZ284Z0JjZ0s1VitERE5SS1hHTlh5NVBpVS9QdC8rN3Z2SzRXcCtzTFpZS0JNRlBVbE5sTTRFUEhaZDFaTHJxd3drQlpDQ1lGRUh3WGNxM0tVV3M2VXRJUzFtRk9MaC9KcWgrSkhLQTdVZTYxanNiM2tjMk1CWDdRMU93RmtmY0VUd1FTSmFxdEZWcVBBOWk1WC9QcVRoWHk4aDJsV04xTlJEbXNyd2g4VGdhVGdITW93bk5INHhRWFNpa21sQVJobUFXbGJxSUp2RHJSTTM5bG5uZGg0N0NEZDYzZ2NSY2luZjE5WUYwTGFkREVKbFFHeE9PVEtqRDM3SGtWQkl1d0JVK0YyQzZZTGNaeHE0UmxidU5TSXRzSUhRTjZSTHlUZz18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
fd74e77fde153206feffb78422815d92738284c067f38dbbcb62d54a8c2f06f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3591
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=IhfZvXwzN1lzNUoyY0ZLZ284Z0JjZ0s1VitERE5SS1hHTlh5NVBpVS9QdC8rN3Z2SzRXcCtzTFpZS0JNRlBVbE5sTTRFUEhaZDFaTHJxd3drQlpDQ1lGRUh3WGNxM0tVV3M2VXRJUzFtRk9MaC9KcWgrSkhLQTdVZTYxanNiM2tjMk1CWDdRMU93RmtmY0VUd1FTSmFxdEZWcVBBOWk1WC9QcVRoWHk4aDJsV04xTlJEbXNyd2g4VGdhVGdITW93bk5INHhRWFNpa21sQVJobUFXbGJxSUp2RHJSTTM5bG5uZGg0N0NEZDYzZ2NSY2luZjE5WUYwTGFkREVKbFFHeE9PVEtqRDM3SGtWQkl1d0JVK0YyQzZZTGNaeHE0UmxidU5TSXRzSUhRTjZSTHlUZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1933
content-length
567
expires
0
events
api.permutive.com/v2.0/batch/ 		101 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=fc90bebe-df0f-4783-9136-4dadff05fcca
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9a278cc54bf136f0b0eb7a7f31c454073b0222ff80ac7c3767f5ce438432c2a0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
via
1.1 google
cm
us-u.openx.net/w/1.0/ Frame 2016 		43 B
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Fri, 18 Mar 2022 09:12:43 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usermatch
ssum.casalemedia.com/ Frame 2F98 		2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a6b7d4924e2ef5e962cb591dccbe44c6ced095413a934f9a823705d6450093a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
10|188|218|131|73|221|230|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 18 Mar 2022 09:12:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
Content-Length
1762
Connection
keep-alive
B27369999.330334713;dc_ver=85.248;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=2822073652;ord=ld0eji;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Fwww.dailymail.co.uk$2,,...
ad.doubleclick.net/ddm/adi/N6103.3128940STACKADAPT1/ Frame DDFB 		51 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N6103.3128940STACKADAPT1/B27369999.330334713;dc_ver=85.248;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=2822073652;ord=ld0eji;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Fwww.dailymail.co.uk$2,,https%3A%2F%2Fwww.dailymail.co.uk%2F$0;xdt=1;crlt=!yTTu-bsV3;sttr=933;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
cafe /
Resource Hash
7dea09afb837c343e952e40b437928e2ee9e2145f903a7cbccf5a61c5821819d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 18 Mar 2022 09:12:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
25051
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
async_usersync
ib.adnxs.com/ Frame 653A 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d78d4c73-033d-4aaf-8f2f-88d3766bb374
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame BE58
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=2SIekHxYdzRkN3VoRlZMbExOWXdGeGJRQUhhdVRrbkx2c1pVRFhsdDZRVEthZW5obGlNUzJzV2h0SkVZUzlnRytKSDBvK2JHTzhQRWpsTUdoV1ZCWExZNEtrUzVoNEE4NmV2dUdqSFJWTmNOV1o1TVo0MnhCcFMrY0pqcz...
433 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2SIekHxYdzRkN3VoRlZMbExOWXdGeGJRQUhhdVRrbkx2c1pVRFhsdDZRVEthZW5obGlNUzJzV2h0SkVZUzlnRytKSDBvK2JHTzhQRWpsTUdoV1ZCWExZNEtrUzVoNEE4NmV2dUdqSFJWTmNOV1o1TVo0MnhCcFMrY0pqczBFMml4cTVYUmhtT0xqMXljY2VYclM0S2JUeUlPaDBXa084bXhFeUlFbUIvM0dKMXNVWWJNRnQ4UzMrb2dJVjhlNEszclB6cWxacmk0VGR6YUQ4UDM2b21WRmp6QjFZdzc1bFpIL09ueXZJM09EQmZUNUVWZHN5Y3dBa1lRSmhTQUl0MnZGL3hCQTUzemxFeDMwVUZUbmQ1cS9vL3dyNGw5OXJHYnVhekJCbnhVYjByMmtsbz18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
5b5c6eb3ccc2b958e24a03e7d472ca07cdbef0a6d72cf73314221db3fbddb446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3860
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=2SIekHxYdzRkN3VoRlZMbExOWXdGeGJRQUhhdVRrbkx2c1pVRFhsdDZRVEthZW5obGlNUzJzV2h0SkVZUzlnRytKSDBvK2JHTzhQRWpsTUdoV1ZCWExZNEtrUzVoNEE4NmV2dUdqSFJWTmNOV1o1TVo0MnhCcFMrY0pqczBFMml4cTVYUmhtT0xqMXljY2VYclM0S2JUeUlPaDBXa084bXhFeUlFbUIvM0dKMXNVWWJNRnQ4UzMrb2dJVjhlNEszclB6cWxacmk0VGR6YUQ4UDM2b21WRmp6QjFZdzc1bFpIL09ueXZJM09EQmZUNUVWZHN5Y3dBa1lRSmhTQUl0MnZGL3hCQTUzemxFeDMwVUZUbmQ1cS9vL3dyNGw5OXJHYnVhekJCbnhVYjByMmtsbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2831
content-length
567
expires
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=11&i=MAILONLINE2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&k=&bq=11&f=0&j=&t=1647594748255&de=653648139255&rx=305135542903&m=0&ar=16e2d13da31-clean&iw=f4fab01&q=18&cb=0&cu=1647594748255&ll=2&lm=0&ln=0&em=0&en=0&d=5064879769%3A2907386859%3A5800174260%3A138375485717&cm=12&zMoatPS=mpu_left&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&bo=423397628&bp=22026445361&bd=mpu_left&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=22026445361&dfp=0%2C1&la=22026445361&gw=mailonlineprebidheader526476985912&fd=1&ac=1&it=500&pe=1%3A6335%3A6335%3A0%3A7697&iq=na&tt=na&jm=-1&fs=197504&na=323145139&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:43 GMT
sid
mug.criteo.com/ Frame 4CA9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=PoCnv3x4eW81SzVjK29mUFNBL2VGYkttMGpUR29kTzhWU1V6L3lNZXZJMkN6WW42K0Jqa2pNZXByZFgwdkdhY0tXeWY0clFKWUQyYTZRWmdXWHBoTDUwVldNUTk1anByeXVxbkVsQmVkRktlTEpLOW9NOU9nTkxKWCttWV...
431 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PoCnv3x4eW81SzVjK29mUFNBL2VGYkttMGpUR29kTzhWU1V6L3lNZXZJMkN6WW42K0Jqa2pNZXByZFgwdkdhY0tXeWY0clFKWUQyYTZRWmdXWHBoTDUwVldNUTk1anByeXVxbkVsQmVkRktlTEpLOW9NOU9nTkxKWCttWVUrZ1JmZEpxWjhMSUZyYmFaVVZOMmMzeUdHRVgzNHFBMUlaVTBNM0xWTVpGYUsyM3hocTBRRGh5K0RUajlZTHNud1lZRUxodVZPN2t0Z3I5azBtU0N6cC9QL3pDVWNkRWNCdEhqTnkzaU13NE4xei9FdUdKOWtRNHJDMTdRMTFuSVZhOWdFNVF2Q3FOM0xtbFNXcW54M0hoODUwZVczQm11cUxNRjlUT0RpdGNMQXd1TzFvST18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
7d13b7f6673244ebde42a21fd4c0cc10210e4881e8bf3b589b1d7a8a625349e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3551
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=PoCnv3x4eW81SzVjK29mUFNBL2VGYkttMGpUR29kTzhWU1V6L3lNZXZJMkN6WW42K0Jqa2pNZXByZFgwdkdhY0tXeWY0clFKWUQyYTZRWmdXWHBoTDUwVldNUTk1anByeXVxbkVsQmVkRktlTEpLOW9NOU9nTkxKWCttWVUrZ1JmZEpxWjhMSUZyYmFaVVZOMmMzeUdHRVgzNHFBMUlaVTBNM0xWTVpGYUsyM3hocTBRRGh5K0RUajlZTHNud1lZRUxodVZPN2t0Z3I5azBtU0N6cC9QL3pDVWNkRWNCdEhqTnkzaU13NE4xei9FdUdKOWtRNHJDMTdRMTFuSVZhOWdFNVF2Q3FOM0xtbFNXcW54M0hoODUwZVczQm11cUxNRjlUT0RpdGNMQXd1TzFvST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2332
content-length
567
expires
0
sid
mug.criteo.com/ Frame F8CA
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=LlGgznwwa1BFME9vYnQ5bzJMN2ZaQ25mNUV4aWpQVHVXUDU5NkdQZnd3ZHJzTU9INjQ5RmVuT2I5U2trckJOTzZseU5GWElhQmNqOXZMSDFxMitvS1JoUFJCdjBPU09Qai9nZHMySThzQ1VxWmtkN3VwMUtNZlhWMnQ5L0...
425 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LlGgznwwa1BFME9vYnQ5bzJMN2ZaQ25mNUV4aWpQVHVXUDU5NkdQZnd3ZHJzTU9INjQ5RmVuT2I5U2trckJOTzZseU5GWElhQmNqOXZMSDFxMitvS1JoUFJCdjBPU09Qai9nZHMySThzQ1VxWmtkN3VwMUtNZlhWMnQ5L0dUam52cE5FVEdtcjVDaCs3d25BcmJOQkJJOU5LQnNuQU5jMnBJdlN0anJrTE5XSVdMaFZvcUVRdEVFOUhJRFRwYlNnaUN5enk1SVkvUEJhQWlNN2VLWkhhV0ZMNVpXMHdvdm9YK3BjcW9xUWNEYVhQcDNvNHFVYUVBSW50WFc2UWVKeEhYeDJLd3doeWhNT25wVjNsdlBLRzJ1Z3BUT2xHRE5qVlJOUTVtRFhkTURLb2ZROD18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
79d9c0e01743e744963cc3431a03cafddec99a837a77ce2795d664ff7506a98c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3560
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=LlGgznwwa1BFME9vYnQ5bzJMN2ZaQ25mNUV4aWpQVHVXUDU5NkdQZnd3ZHJzTU9INjQ5RmVuT2I5U2trckJOTzZseU5GWElhQmNqOXZMSDFxMitvS1JoUFJCdjBPU09Qai9nZHMySThzQ1VxWmtkN3VwMUtNZlhWMnQ5L0dUam52cE5FVEdtcjVDaCs3d25BcmJOQkJJOU5LQnNuQU5jMnBJdlN0anJrTE5XSVdMaFZvcUVRdEVFOUhJRFRwYlNnaUN5enk1SVkvUEJhQWlNN2VLWkhhV0ZMNVpXMHdvdm9YK3BjcW9xUWNEYVhQcDNvNHFVYUVBSW50WFc2UWVKeEhYeDJLd3doeWhNT25wVjNsdlBLRzJ1Z3BUT2xHRE5qVlJOUTVtRFhkTURLb2ZROD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1938
content-length
567
expires
0
sid
mug.criteo.com/ Frame F884
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=irMVgHxLRFlaYTY1YmM2Y0lxemROKzdTTFRTWFZUOVZ6K2dBQTU4d0pua1p6S2hHZDQxcURHZXN1SVR6ZmlaWWxzcktUc0MxRTgyd3REMGlyaU5kQXQrOGROZzZ4NW0yWUtqeGE5YnVOaFNOTjBxajdYdElBK0JuVnovV2...
425 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=irMVgHxLRFlaYTY1YmM2Y0lxemROKzdTTFRTWFZUOVZ6K2dBQTU4d0pua1p6S2hHZDQxcURHZXN1SVR6ZmlaWWxzcktUc0MxRTgyd3REMGlyaU5kQXQrOGROZzZ4NW0yWUtqeGE5YnVOaFNOTjBxajdYdElBK0JuVnovV2hhNk52eEtVU2pDaDdKVnlEa1F4V3VDbnVKM3BvV0JpYS9DeFhXRkVnR0dtakdGNS94VDJiQm1YcklMcWw4MmRjUHR5UXJSSmxxbzFlVkZDbjArVWsyUkdkblQ1K0Z1Z24rV3Z0RW9rREsydnBLNWZpbmlKSHI2ZytyUDlCbVFSNTNIMHA4MW1zUWwxaWZCcHlmaGYxcCtkSFl1cFZMaHlEK3RZK0hqRVFXVzhKOEJYU1JJdz18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
336b18c8d9f6f0add44e0a144bdd50e0518a06538b2a25a6be8e709b7e6f6e4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3525
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=irMVgHxLRFlaYTY1YmM2Y0lxemROKzdTTFRTWFZUOVZ6K2dBQTU4d0pua1p6S2hHZDQxcURHZXN1SVR6ZmlaWWxzcktUc0MxRTgyd3REMGlyaU5kQXQrOGROZzZ4NW0yWUtqeGE5YnVOaFNOTjBxajdYdElBK0JuVnovV2hhNk52eEtVU2pDaDdKVnlEa1F4V3VDbnVKM3BvV0JpYS9DeFhXRkVnR0dtakdGNS94VDJiQm1YcklMcWw4MmRjUHR5UXJSSmxxbzFlVkZDbjArVWsyUkdkblQ1K0Z1Z24rV3Z0RW9rREsydnBLNWZpbmlKSHI2ZytyUDlCbVFSNTNIMHA4MW1zUWwxaWZCcHlmaGYxcCtkSFl1cFZMaHlEK3RZK0hqRVFXVzhKOEJYU1JJdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2002
content-length
567
expires
0
48
r5---sn-ab5l6nzr.c.2mdn.net/videoplayback/id/63205c2f135b6136/itag/692/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772635488/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/63205c2f135b6136/itag/692/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772635488/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r5---sn-ab5l6nzr.c.2mdn.net/videoplayback/id/63205c2f135b6136/itag/692/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772635488/sparams/acao,ctier,expire,id,ip,ipbits,i...
2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-ab5l6nzr.c.2mdn.net/videoplayback/id/63205c2f135b6136/itag/692/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772635488/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DB68AB133C10299F4DF5A41027D2FE8E8EC831E.2378537B9EE617A1DC1DDBE168F666F43E88FFC7/key/cms1/cms_redirect/yes/mh/Bw/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5l6nzr/ms/onc/mt/1647593599/mv/u/mvi/5/pl/48?cpn=q4HADjZjMFTiE2bG&file=file.mp4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
2607:f8b0:401e:29::b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
72201f2fb7c22a9a1d42e3a47d8e627deecdab6af46d414bf44f42cb881f5ad3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Aug 2021 18:18:07 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2114259/2114260
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2114260
Expires
Fri, 18 Mar 2022 09:12:43 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-ab5l6nzr.c.2mdn.net/videoplayback/id/63205c2f135b6136/itag/692/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772635488/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DB68AB133C10299F4DF5A41027D2FE8E8EC831E.2378537B9EE617A1DC1DDBE168F666F43E88FFC7/key/cms1/cms_redirect/yes/mh/Bw/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5l6nzr/ms/onc/mt/1647593599/mv/u/mvi/5/pl/48?cpn=q4HADjZjMFTiE2bG&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
676
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9545 		43 B
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Fri, 18 Mar 2022 09:12:43 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame C95D 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:08 GMT
x-content-type-options
nosniff
age
134555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:08 GMT
sid
mug.criteo.com/ Frame B251
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=sSTv1HxpaExkVVFqakE0UG0zclpRSWVibkJJaC80R0d6UWRMQ1hJS0dzZDJEdDArc0gxSTNQU0Y3d0hFRmZUUVZubk1Ec0lxZVUzbERBd2t2d2xIWkE3c3YxQkszeDgrTWxjNVV2bFBDMnUzR0ZEaWhja2J2RlVsOGZjVW...
439 B
638 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=sSTv1HxpaExkVVFqakE0UG0zclpRSWVibkJJaC80R0d6UWRMQ1hJS0dzZDJEdDArc0gxSTNQU0Y3d0hFRmZUUVZubk1Ec0lxZVUzbERBd2t2d2xIWkE3c3YxQkszeDgrTWxjNVV2bFBDMnUzR0ZEaWhja2J2RlVsOGZjVWNrVmtpMXR5N3ZHZitxemZ2RnhXN1lQWmJ5QnB5ZmxGaU02ZjBWUWRBQ1RENkFKZWZlYjJNYU5MQXhLUUd1Y00wcEh6QUk4WUdnWWdtVEJwdnA5L1FVSHZYSXc1OXk0ckM1M2paUjVlUSsxSjhpZkp0YXcyQ3MwZXpjaHg0aVVpczAvM0pZWVpkZUpnMU53dFk4REZlbERBUUNPYzYxWXRJc3JqYWh6bEFtaktmbzhjTzU3bz18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
e60438314a39c3708f2953aac02b64083ea91e44506a8896cfef0e83d9d5f1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3438
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=sSTv1HxpaExkVVFqakE0UG0zclpRSWVibkJJaC80R0d6UWRMQ1hJS0dzZDJEdDArc0gxSTNQU0Y3d0hFRmZUUVZubk1Ec0lxZVUzbERBd2t2d2xIWkE3c3YxQkszeDgrTWxjNVV2bFBDMnUzR0ZEaWhja2J2RlVsOGZjVWNrVmtpMXR5N3ZHZitxemZ2RnhXN1lQWmJ5QnB5ZmxGaU02ZjBWUWRBQ1RENkFKZWZlYjJNYU5MQXhLUUd1Y00wcEh6QUk4WUdnWWdtVEJwdnA5L1FVSHZYSXc1OXk0ckM1M2paUjVlUSsxSjhpZkp0YXcyQ3MwZXpjaHg0aVVpczAvM0pZWVpkZUpnMU53dFk4REZlbERBUUNPYzYxWXRJc3JqYWh6bEFtaktmbzhjTzU3bz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1850
content-length
567
expires
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 6DB4 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 18:04:15 GMT
x-content-type-options
nosniff
age
140908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 18:04:15 GMT
sid
mug.criteo.com/ Frame 9C67
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=XmaZUHxVN2hTVFdrZUt0dm9PTkFFbFNQYUdvZG45bUJYTnN4V1lxQTRlY0Nkbms4dFVxbFhTUUdjMCtNa3gwRjg5RlN6WUptczV1cHR5QWp5YVY3dVVxdkVsV0NpNVNFMnZTTngyb2NDTEZ5azBpRnZWQmY2SlRPNEFLOU...
428 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=XmaZUHxVN2hTVFdrZUt0dm9PTkFFbFNQYUdvZG45bUJYTnN4V1lxQTRlY0Nkbms4dFVxbFhTUUdjMCtNa3gwRjg5RlN6WUptczV1cHR5QWp5YVY3dVVxdkVsV0NpNVNFMnZTTngyb2NDTEZ5azBpRnZWQmY2SlRPNEFLOU0xUTdqSi9zczdZd0JDZnoyZmtlVTdQL3RqckpSZFBSclR5UHVjN0FKOW10eXErVW1EdEtaZXpkM3VjZ3hueG04bUpxWURSMVRIU21FT2FnVk9zSkdVK0U5enVDbnhybFZmRjZUeFUreXVZeGRsbzhVblkyZFhER1JNVXphQk5pVlczL1VDNjVYRFRSWWJMbC9qd3JhMnNWK3ZVODYyRndRekJKZVJFTmdNMTVoYmR5STc5az18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
bfc8935a3a81e5054ca898082640ebe53e5cb8e03864a61ac9a88f93b151e542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4318
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=XmaZUHxVN2hTVFdrZUt0dm9PTkFFbFNQYUdvZG45bUJYTnN4V1lxQTRlY0Nkbms4dFVxbFhTUUdjMCtNa3gwRjg5RlN6WUptczV1cHR5QWp5YVY3dVVxdkVsV0NpNVNFMnZTTngyb2NDTEZ5azBpRnZWQmY2SlRPNEFLOU0xUTdqSi9zczdZd0JDZnoyZmtlVTdQL3RqckpSZFBSclR5UHVjN0FKOW10eXErVW1EdEtaZXpkM3VjZ3hueG04bUpxWURSMVRIU21FT2FnVk9zSkdVK0U5enVDbnhybFZmRjZUeFUreXVZeGRsbzhVblkyZFhER1JNVXphQk5pVlczL1VDNjVYRFRSWWJMbC9qd3JhMnNWK3ZVODYyRndRekJKZVJFTmdNMTVoYmR5STc5az18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2007
content-length
567
expires
0
sid
mug.criteo.com/ Frame B8B1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=6e9rNXx2NzQxYTgxZ3RJSUI1S0szVkdiSm9CWkQ5TEkxNWE4Y3VibEEzU01UdkdNRGNGaW9aU0dDc3NJdkNydTJTcXRiSS9IRmttL0ZQdkVSOThYY016am1aM1JBSUdKa3Z2ZHlHQnFMaExwWklTKzNrZndFYjkxVFM0RC...
443 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6e9rNXx2NzQxYTgxZ3RJSUI1S0szVkdiSm9CWkQ5TEkxNWE4Y3VibEEzU01UdkdNRGNGaW9aU0dDc3NJdkNydTJTcXRiSS9IRmttL0ZQdkVSOThYY016am1aM1JBSUdKa3Z2ZHlHQnFMaExwWklTKzNrZndFYjkxVFM0RC8zSlhSOWQwVDdSb3l6VnpWV0xlVlNhSUsyUktPd3ZUVE9tb0hOanZJTDhQNkVtNXd4NHRzSHAwM1V1V3dDSTZZdUJ1SmdvcmpNeHJ0MldFdFFOeXdLUm1PYVpmYStIdk44bzIrWEdISzVRcmpVZjM3SUVwQ0tZQWw2elI3TlFIVk5mZElKTzVIYjl3R21uSnVPTjRlT2lpNnpQVm9FR3RzNDJURG1vRmxyeUMyTEMxb0ZXcz18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
5ac84ca2b75aa87f726eda85382c3ba55bcce8f00a33b215555efda3401de203
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3662
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=6e9rNXx2NzQxYTgxZ3RJSUI1S0szVkdiSm9CWkQ5TEkxNWE4Y3VibEEzU01UdkdNRGNGaW9aU0dDc3NJdkNydTJTcXRiSS9IRmttL0ZQdkVSOThYY016am1aM1JBSUdKa3Z2ZHlHQnFMaExwWklTKzNrZndFYjkxVFM0RC8zSlhSOWQwVDdSb3l6VnpWV0xlVlNhSUsyUktPd3ZUVE9tb0hOanZJTDhQNkVtNXd4NHRzSHAwM1V1V3dDSTZZdUJ1SmdvcmpNeHJ0MldFdFFOeXdLUm1PYVpmYStIdk44bzIrWEdISzVRcmpVZjM3SUVwQ0tZQWw2elI3TlFIVk5mZElKTzVIYjl3R21uSnVPTjRlT2lpNnpQVm9FR3RzNDJURG1vRmxyeUMyTEMxb0ZXcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1920
content-length
567
expires
0
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame 42DB 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:08 GMT
x-content-type-options
nosniff
age
134555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:08 GMT
sid
mug.criteo.com/ Frame CDB2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windaloop.com&sn=ChromeSyncframe&so=0&topUrl=www.dailymail.co.uk&lsw=1
  • https://mug.criteo.com/sid?cpp=zxNCwnxCd3gyL0lwaTdqSmpEOEcvVVBtaWtycmhtUXRlZHJRWEs2dmpDMkFTcVZWaTFDeXF2ZDRnNDQ4L1VQdDFyeDVhNFFxRlNkaEJYRHdXbm1zcVluemVjKzcvRGRCWUN3NHlBZGJma3F1OVM1K3REb1JUWitvYWdwQj...
433 B
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zxNCwnxCd3gyL0lwaTdqSmpEOEcvVVBtaWtycmhtUXRlZHJRWEs2dmpDMkFTcVZWaTFDeXF2ZDRnNDQ4L1VQdDFyeDVhNFFxRlNkaEJYRHdXbm1zcVluemVjKzcvRGRCWUN3NHlBZGJma3F1OVM1K3REb1JUWitvYWdwQjV4V253NlpsWHQ1Yk1TVmx1UWFFa282Q3dBZFdXcm5ieFNuclJCU0QyRzVIS3o3anJFT1BIVm5lVWY2QkRnY3VXTVRJaVBLL3IxNlpjMFI0U21ETlZsaDJEODhxZEpXZXJBZUFmZmVtSVhWNkUwVDBrMCtTNVJaenZzc1V2QXZBN2pjNU1aQllyNzM3cjN0LzhJbkdTaTRyQUpmdnlDb2tNVlhBeTMrREtFTGJBcnhGZFB2ND18&cppv=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
0adecd403a9dae1f8bfb380cc86482a97dedc6135492b798d761117f101cc400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3619
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=zxNCwnxCd3gyL0lwaTdqSmpEOEcvVVBtaWtycmhtUXRlZHJRWEs2dmpDMkFTcVZWaTFDeXF2ZDRnNDQ4L1VQdDFyeDVhNFFxRlNkaEJYRHdXbm1zcVluemVjKzcvRGRCWUN3NHlBZGJma3F1OVM1K3REb1JUWitvYWdwQjV4V253NlpsWHQ1Yk1TVmx1UWFFa282Q3dBZFdXcm5ieFNuclJCU0QyRzVIS3o3anJFT1BIVm5lVWY2QkRnY3VXTVRJaVBLL3IxNlpjMFI0U21ETlZsaDJEODhxZEpXZXJBZUFmZmVtSVhWNkUwVDBrMCtTNVJaenZzc1V2QXZBN2pjNU1aQllyNzM3cjN0LzhJbkdTaTRyQUpmdnlDb2tNVlhBeTMrREtFTGJBcnhGZFB2ND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1844
content-length
567
expires
0
rum
dsum-sec.casalemedia.com/ Frame EC0A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=EEjgT0BKQ1BlCTXgpCLK72AJ-So
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=EEjgT0BKQ1BlCTXgpCLK72AJ-So
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:43 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=EEjgT0BKQ1BlCTXgpCLK72AJ-So
Date
Fri, 18 Mar 2022 09:12:43 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
CookieIndex
rtb.adentifi.com/ Frame EC0A 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.54.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
content-length
0
content-type
text/plain
crum
dsum-sec.casalemedia.com/ Frame EC0A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1---&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=hC9c_JxukxkuB_-lTGAw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD22CDHFRV6...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=hC9c_JxukxkuB_-lTGAw&us_privacy=1---
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=hC9c_JxukxkuB_-lTGAw&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:44 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=hC9c_JxukxkuB_-lTGAw&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
135
Expires
Thu, 01 Dec 1994 16:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame EC0A 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YjRM-vslB2dqu-QqfshUQAAA%26559&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.152.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-152-36.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.1.192
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame EC0A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:44 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
Date
Fri, 18 Mar 2022 09:12:43 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatchredir
ssum-sec.casalemedia.com/ Frame EC0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&gdpr_consent=&us_privacy=1---&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EC0A
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:44 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=076e2204075d403fca6659f0&expiration=[EXPIRATION]
Date
Fri, 18 Mar 2022 09:12:43 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
crum
dsum-sec.casalemedia.com/ Frame EC0A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6edcd9298c8cd157-BUF
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame EC0A 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?taboola_hm=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&orig=video&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31691
n.js
geo.moatads.com/ Frame 8EA9 		69 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=778704324&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HmJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-wnHdlqV6USoP6g%3D%3D&sc=1&os=1-rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=STACKADAPTDISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.dailymail.co.uk&lp=https%3A%2F%2Fwww.dailymail.co.uk&t=1647594763486&de=796068063137&m=0&ar=359f21c1e97-clean&iw=c0bfd0c&q=2&cb=0&ym=0&cu=1647594763486&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=13935%3A214464%3A1790735%3A643645107&bo=156&bp=dailymail.co.uk&bd=pub-6384385731055605&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=0&ii=6&zMoatOrigSlicer1=156&zMoatOrigSlicer2=dailymail.co.uk&gw=stackadaptdisplay515602019759&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A2472%3A3021%3A0%3A0&jh=-1&jk=-1&jm=-1&mr=0&ml=-&fs=197273&na=819753839&cs=0&ord=1647594763486&jv=6979344&callback=DOMlessLLDcallback_64049083
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/stackadaptdisplay515602019759/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.231.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-231-132.compute-1.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
2c136c56c92051c6bac12e60613e1acdcec9f3fbe683023f605c78add807f37f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"35a650ac0dc4f111040206cab3527a58b364e8fa"
content-length
69
content-type
text/html; charset=UTF-8
v2
mb.moatads.com/s/ Frame 8EA9 		254 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pcode=stackadaptdisplay515602019759&ord=1647594763486&jv=1578565109&callback=BrandSafetyNadoscallback_64049083
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/stackadaptdisplay515602019759/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-240-223.compute-1.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
8b99efcdc7c8bf16ad6b53b2a716bfcd6013401c1cc76b29f2da33ae5a8fc495

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"d8f0a3fdbd63baf99e87c9f99f1c40e3e85e942b"
content-length
254
content-type
text/html; charset=UTF-8
v1
mb.moatads.com/ot/ Frame 8EA9 		47 B
221 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/ot/v1?url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pcode=moatot&ord=1647594763486&jv=1046715343&callback=OneTagNadoscallback_64049083
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/stackadaptdisplay515602019759/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-240-223.compute-1.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
45b524d641be150b1c1dfac5026a1b97277e0ebc07b4385eb0c099feffae01e1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"9f0fb486f805f3dec4a8529f6f9bd228449abf03"
content-length
47
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame 8EA9 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=STACKADAPTDISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.dailymail.co.uk&lp=https%3A%2F%2Fwww.dailymail.co.uk&t=1647594763486&de=796068063137&m=0&ar=359f21c1e97-clean&iw=c0bfd0c&q=3&cb=0&ym=0&cu=1647594763486&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=13935%3A214464%3A1790735%3A643645107&bo=156&bp=dailymail.co.uk&bd=pub-6384385731055605&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=0&ii=6&zMoatOrigSlicer1=156&zMoatOrigSlicer2=dailymail.co.uk&gw=stackadaptdisplay515602019759&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A2472%3A3021%3A0%3A0&jh=-1&jk=-1&jm=-1&mr=0&ml=-&fs=197273&na=1965396261&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:43 GMT
truncated
/ Frame 8EA9 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a16a4e9245776299b321e93c70b881eed39dbed32b99e0d131c8d9552587944

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame EC20 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:08 GMT
x-content-type-options
nosniff
age
134555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:08 GMT
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
fonts.gstatic.com/s/oldstandardtt/v17/ Frame AB97 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v17/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7COld+Standard+TT:400,400italic&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:50:08 GMT
x-content-type-options
nosniff
age
134555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:50:08 GMT
csi
csi.gstatic.com/ Frame 41F7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~l0w7djcs&c=1236404168693&slotId=618202084346.5&qqid=CMOn796oz_YCFckCaAgdg-YAaw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&dm=10000&met.4=5s.681~2sbc.7v6~10s.9qe&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F4d3c8b833d0d4e73%252Fitag%252F346%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1679130751%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F111502D0CA00FF50D27CD81022B4E8CEE1593E44.AD4D4C5B5B128A3196C8BBD091B0DA3399EEC32F%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 41F7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~l0w7ds00&c=1236404168693&slotId=618202084346.5&qqid=CMOn796oz_YCFckCaAgdg-YAaw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&dm=10000&event_name=first_pause&asset_bytes=1628983&video_bytes=1406821&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=24&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=10.65&video_muted=true&video_seconds_loaded=10.65&vqdf=1&vqtf=255&vqfr=24&endedMediaDiff=-645.3330000000005
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26p0%3D0,0,0,0%26p1%3D1,1,299,2...
ade.googlesyndication.com/ddm/activity/ Frame 41F7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIu4Wq36jP9gIVSxAMCh3n_gSPEAAYACChoddOQhMIw6fv3qjP9gIVyQJoCB2D5gBr;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26p0%3D0,0,0,0%26p1%3D1,1,299,299%26p2%3D1,1,299,299%26p3%3D1,1,299,299%26tos%3D10307,0,0,0,0%26mtos%3D10307,10307,10307,10307,10307%26amtos%3D0,0,0,0,0%26mtos1%3D2348,0,0%26mtos2%3D3188,0,0%26mtos3%3D2127,0,0%26mcvt%3D10307%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10547%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D675%26pst%3D1%26dur%3D10645%26vmtime%3D10645%26dtos%3D2644%26dtoss%3D5%26dvs%3D2644%26dfvs%3D2644%26dvpt%3D2644%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2644,2644,2644,2644,2644%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D2047%26psv%3D2046%26psfv%3D2046%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,10307%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04%26ss3%3D0.04;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554;ecn1=1;etm1=0;eid1=13;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 41F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8n7l_kw0YsOwNMmFoPMPg82D2AaVoeP3aO-5mNO3D8_ptfDiJRABIJS60ENgye6Oi8CkjBCgAcq4i7AByAEFqAMByAObBKoE7QFP0PdQJtFqS_0Tx0Y7tTd7jH9Eu77mOhd9FC18w9lwWz9NxfkUNRA7pzFK1VfuJmYDzNCBUMQ8_WyxpHT4pp_Ys-vV-ucupgtleJIrSO2dFsNuuTB9wGUzaA1LMAR9UoPvEkXcTWCSGuqkRzsfN_LkF78tkGydhqw4KBN3oOsdF3d_l84NBJ9aDPctCFQnKd9tvEwsg-teiGHGdaaoKlBPV2myqw_OnZgJw5Ve6IOAnmJxTJJthJtWr-Fei1Y50NvO9SMSeV5BqfjqSy8lvOs5DafN0hy6ndjl0mf2PeeJA69DBLCCyl0RTRBIxvPABPa7o83wA-AEA5AGAaAGdoAHnsf0zwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDyAsB4AsBgAwBsBO8t8AO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=8nGxUEKH_1g&label=videoplaytime100&ad_mt=10645&acvw=sv%3D20211103%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,299,299%26p0%3D0,0,0,0%26p1%3D1,1,299,299%26p2%3D1,1,299,299%26p3%3D1,1,299,299%26tos%3D10307,0,0,0,0%26mtos%3D10307,10307,10307,10307,10307%26amtos%3D0,0,0,0,0%26mtos1%3D2348,0,0%26mtos2%3D3188,0,0%26mtos3%3D2127,0,0%26mcvt%3D10307%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10547%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D675%26pst%3D1%26dur%3D10645%26vmtime%3D10645%26dtos%3D2644%26dtoss%3D5%26dvs%3D2644%26dfvs%3D2644%26dvpt%3D2644%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2644,2644,2644,2644,2644%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D19048669%26psm%3D2047%26psv%3D2046%26psfv%3D2046%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,10307%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04%26ss3%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1647594752554
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame 3BDD 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=30317
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
c0ce54a881ba942d2c48e40ab4aabcb0e1b90c4b20536d08e51ea316679ea7db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
content-type
text/html; charset=utf-8
content-length
599
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
300x250.css
gsm-adverts.betstream.betgenius.com/resources/NBCSports/madnessGallery/ Frame 8555 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/madnessGallery/300x250.css
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cd63656c430f88465091e022b84dfa9821db554528f3c4ca85fe27fae8f62651

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
etag
"8a1097441585994b6572eacae6b7b493:1647547190.015686"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1919
externals.js
gsm-adverts.betstream.betgenius.com/javascript/ Frame 8555 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bd379cf84cc75eb1fcf8ed6366f594792bb5036fab8fe9faf65981d5cb617c70

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"500c93cc7277e6cd30b190dafa0a9963:1643387661.057926"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28210
content-length
25473
xhr-event-proxy.js
gsm-adverts.betstream.betgenius.com/javascript/ Frame 8555 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/javascript/xhr-event-proxy.js
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
31a83311fe2b2154601452dcfe63596581128398dffbbcb929cf1419887ec55b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"30f2e225a866797bdef8c9faa54f73fb:1643387660.996853"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28150
content-length
2684
sportsPredictorShort-h.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/logos/sportsPredictor/ Frame 8555 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/logos/sportsPredictor/sportsPredictorShort-h.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
97b21724b083fd068eb4471b9491bfe321cc2cee9e2d17dc9dfa2df1df4bc5f9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"ea40a0ed2d026a484d1bba1ebe5e770c:1647547190.020944"
content-length
8892
content-type
image/png
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
InsertGalleryHeader.js
gsm-adverts.betstream.betgenius.com/getWidgetJS/ Frame 8555 		56 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/getWidgetJS/InsertGalleryHeader.js
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
istio-envoy / Express
Resource Hash
f53b992a3d46b47717e405ea5e95f28a4a08820046d3f947a8ba58bc61339533

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
etag
W/"de64-Z0K/WA8rAH1FH512RuhBrXA/aGo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
13
content-length
13123
getWidgetInitScript
gsm-adverts.betstream.betgenius.com/ Frame 8555 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/getWidgetInitScript?uuid=5ca8f0c0-a69b-11ec-8595-c90dc765577f&advert=true&renderConfigId=marchMadness_Web&productName=NBCSports&containerId=gsm-advert&c=NBCSports&cm=marchMadness_Web&size=300x250&culture=en-US
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
istio-envoy / Express
Resource Hash
27c0f5825a8748a3b9da66cb79dd0f03ff943b9e17f73c7a3c4bb287a740cb19

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
etag
W/"116b-8MJM3Et/AjWyS6vMQb7d1eKQ8O0"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
x-envoy-upstream-service-time
1
content-length
1158
sa.css
tags.srv.stackadapt.com/ Frame 8EA9 		27 B
254 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: creative.stackadapt.com
URL: https://creative.stackadapt.com/js/saimp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-254-175.compute-1.amazonaws.com
Software
/
Resource Hash
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Mar 2022 09:12:43 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
27
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame 8EA9 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: creative.stackadapt.com
URL: https://creative.stackadapt.com/js/saimp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-254-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Mar 2022 09:12:43 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
springserve
uat-net.technoratimedia.com/openrtb/bids/ Frame 6FDE 		0
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-net.technoratimedia.com/openrtb/bids/springserve
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ff3047b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
558580512
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
crum
dsum-sec.casalemedia.com/ Frame 2F98
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=656893234070
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=656893234070
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:44 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=656893234070
CookieIndex
rtb.adentifi.com/ Frame 2F98 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.54.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
content-length
0
content-type
text/plain
ibs:dpid=23728&dpuuid=YjRM-vslB2dqu-QqfshUQAAA%26559
dpm.demdex.net/ Frame 2F98 		42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YjRM-vslB2dqu-QqfshUQAAA%26559?gdpr_consent=&us_privacy=1---&gdpr=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.99.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-99-187.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0ff8cc49e.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hg9KLlWSRBE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 2F98
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
41676
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6edcd92b2e16d157-BUF
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662290397426830
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2F98 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB?gdpr_consent=&us_privacy=1---&gdpr=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:12e1:5652:a2dc:bd68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
qmap
sync.crwdcntrl.net/ Frame 2F98 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YjRM-vslB2dqu-QqfshUQAAA%26559&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.152.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-152-36.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.13.159
content-type
image/gif
content-length
49
expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 2F98
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&gdpr_consent=&us_privacy=1---&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEjs2eSRP9iFBjOmsxFKcDo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2F98
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:44 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=3589912411653720389
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame 2F98 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?taboola_hm=YjRM_vslB2dqu_QqfshUQAAAAi8AAAAB&orig=video&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31153
async_usersync
ib.adnxs.com/ Frame 6BE3 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b2c2c13a-a7e5-46ca-8fed-bb8c12ba1c00
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AC9C 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c5096ef9-2968-4599-876e-f649eb0fa4c0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame DDFB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6103.3128940STACKADAPT1/B27369999.330334713;dc_ver=85.248;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=2822073652;ord=ld0eji;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Fwww.dailymail.co.uk$2,,https%3A%2F%2Fwww.dailymail.co.uk%2F$0;xdt=1;crlt=!yTTu-bsV3;sttr=933;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 08:45:20 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=11&i=MAILONLINE2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&k=&bq=11&f=0&j=&t=1647594748255&de=188198157065&rx=305135542903&m=0&ar=16e2d13da31-clean&iw=f4fab01&q=19&cb=0&cu=1647594748255&ll=2&lm=0&ln=0&em=0&en=0&d=5064879769%3A2904122127%3A5787369563%3A138376929203&cm=12&zMoatPS=mpu_puff_10&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&bo=423397628&bp=21693274347&bd=mpu_puff_10&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=21693274347&dfp=0%2C1&la=21693274347&gw=mailonlineprebidheader526476985912&fd=1&ac=1&it=500&pe=1%3A6335%3A6335%3A0%3A7697&iq=na&tt=na&jm=-1&fs=197504&na=337371542&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:43 GMT
async_usersync
ib.adnxs.com/ Frame 9509 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ed84effe-7297-4eb2-977c-6b9dcf51f587
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0D52 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
087b748b-9b06-405a-bc9d-c22abedda3bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3560 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
85eda658-4f8b-4f8f-a0d9-0f875505cf84
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4544 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa981a76-1afd-4e62-8ce5-e79ee1ac7a4a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8D68 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
dfaaffa3-704c-4fb1-a769-e090530939e7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DB29 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fb8a2f67-4990-4ab1-9b9f-2054a4e3c3e0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3FB2 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f6f97985-15f6-498f-8bed-341a18836270
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6C30 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
28a24c1a-d083-4052-82fa-a2547efe04b9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
pix.us.criteo.net/img/ Frame 45A5 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11589&q=80&r=0&u=http%3A%2F%2Fimages1.lifeisgood.com%2FWomens-Pay-Attention-Cat-Eyes-Crusher-Vee_71914_1_lg.png&v=3&w=400&s=kewbg9mMMBXkZa7vc06gSjLH&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7e3f757ff82d2f8ac1d666d24791051118e659ff029683cef72393bd239fc7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
76734
expires
Fri, 18 Mar 2022 09:12:43 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:43 GMT
img
pix.us.criteo.net/img/ Frame 999A 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:43 GMT
img
pix.us.criteo.net/img/ Frame 8724 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:43 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:43 GMT
async_usersync
ib.adnxs.com/ Frame 6F6C 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c8e357d1-6297-4af2-a800-cf33fe920d80
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:8.13,%22ts%22:1647594764000,%22bn%22:false,%22pixelId%22:%22r0cfp03xvf%22,%22ver...
aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/v/ Frame 87A6 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/v/%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:8.13,%22ts%22:1647594764000,%22bn%22:false,%22pixelId%22:%22r0cfp03xvf%22,%22ver%22:%22r-1.27%22%7D?cb=2878943
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2YSPCFE19P7MHY8TSEGE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
%7B%22atf%22:true,%22f%22:0.86,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ts%22:1647594764001,%22bn%22:false,%22pixelId%22:%22r0cfp03xvf%22,%22ver%22:%22r-1.27%22%7D
aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/atf/ Frame 87A6 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/atf/%7B%22atf%22:true,%22f%22:0.86,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ts%22:1647594764001,%22bn%22:false,%22pixelId%22:%22r0cfp03xvf%22,%22ver%22:%22r-1.27%22%7D?cb=1278628
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2G7DXTGNXKFPK5FADR24
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
async_usersync
ib.adnxs.com/ Frame 4445 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
bdacbda3-4add-424c-a5cf-7eb889cf29fa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ Frame 8EA9 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcreative.stackadapt.com%2Ficons%2Fadchoices%2Fadchoices.png&i=STACKADAPTDISPLAY1&ol=778704324&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HmJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-wnHdlqV6USoP6g%3D%3D&sc=1&os=1-rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=604&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=0&ii=6&f=1&j=https%3A%2F%2Fwww.dailymail.co.uk&lp=https%3A%2F%2Fwww.dailymail.co.uk&t=1647594763486&de=796068063137&cu=1647594763486&m=106&ar=359f21c1e97-clean&iw=c0bfd0c&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=622&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A2472%3A3021%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=65&cd=0&ah=65&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=13935%3A214464%3A1790735%3A643645107&bo=156&bp=dailymail.co.uk&bd=pub-6384385731055605&gw=stackadaptdisplay515602019759&zMoatOrigSlicer1=156&zMoatOrigSlicer2=dailymail.co.uk&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jh=-1&jk=-1&jm=-1&mr=0&ml=-&tc=0&fs=197273&na=953744437&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame DDFB 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6103.3128940STACKADAPT1/B27369999.330334713;dc_ver=85.248;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=2822073652;ord=ld0eji;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Fwww.dailymail.co.uk$2,,https%3A%2F%2Fwww.dailymail.co.uk%2F$0;xdt=1;crlt=!yTTu-bsV3;sttr=933;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 01:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Mar 2022 01:18:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DDFB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6103.3128940STACKADAPT1/B27369999.330334713;dc_ver=85.248;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=2822073652;ord=ld0eji;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Fwww.dailymail.co.uk$2,,https%3A%2F%2Fwww.dailymail.co.uk%2F$0;xdt=1;crlt=!yTTu-bsV3;sttr=933;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 04:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Mar 2023 04:56:18 GMT
i
vid-io-cle.springserve.com/vd/ Frame 6FDE 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=ff195136&ps_id=623438&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ff3047b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.233.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-233-102.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:44 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
async_usersync
ib.adnxs.com/ Frame 0B98 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f3636a82-0fb7-40d5-81da-ae850ec0f3fc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 3BDD
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=468fad316f7e1219&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAGbrSlsxWKNwMuV7Q6AAAAAAA&expiration=1647681164&is_secure=true&gdpr_consent=&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAGbrSlsxWKNwMuV7Q6AAAAAAA&expiration=1647681164&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAGbrSlsxWKNwMuV7Q6AAAAAAA&expiration=1647681164&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame 3BDD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame 3BDD
Redirect Chain
  • https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7
  • https://eb2.3lift.com/xuid?mid=7666&xuid=116e1e10-1710-499f-9bea-964d3a3bff34&dongle=8f7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7666&xuid=116e1e10-1710-499f-9bea-964d3a3bff34&dongle=8f7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
http://eb2.3lift.com/xuid?mid=7666&xuid=116e1e10-1710-499f-9bea-964d3a3bff34&dongle=8f7
date
Fri, 18 Mar 2022 09:12:44 GMT
content-length
118
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 3BDD
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=3a66d299-1ebd-4293-884e-8e6f36dc1a6a&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3898&xuid=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb&dongle=ac37
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3898&xuid=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb&dongle=ac37
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://eb2.3lift.com/xuid?mid=3898&xuid=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb&dongle=ac37
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
214
Expires
-1
xuid
eb2.3lift.com/ Frame 3BDD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=6g-gXehe9QzxCaRb7F--WOpZq1_xCvZYuQs345UY
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=6g-gXehe9QzxCaRb7F--WOpZq1_xCvZYuQs345UY
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=6g-gXehe9QzxCaRb7F--WOpZq1_xCvZYuQs345UY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
xuid
eb2.3lift.com/ Frame 3BDD
Redirect Chain
  • https://sportradarserving.com/sync?ssp=triplelift
  • https://sportradarserving.com/ul_cb/sync?ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=7963&xuid=2ecac175-e4bb-473b-839d-2f57283fa661&dongle=3oy7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7963&xuid=2ecac175-e4bb-473b-839d-2f57283fa661&dongle=3oy7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=7963&xuid=2ecac175-e4bb-473b-839d-2f57283fa661&dongle=3oy7
Date
Fri, 18 Mar 2022 09:12:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 3BDD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=mXDI4agD1Nv8EU5&dongle=465e&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=mXDI4agD1Nv8EU5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0d7afb85e555da863@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=mXDI4agD1Nv8EU5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
757c0557066e95cfd4c7
aax-eu.amazon-adsystem.com/s/x/ Frame 3BDD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2230631680262455077259
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
CookieSyncTripleLift&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 3BDD 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTripleLift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.54.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
content-length
0
content-type
text/plain
value=2230631680262455077259
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame 3BDD
Redirect Chain
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=2230631680262455077259
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2230631680262455077259
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2230631680262455077259
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=30317
Protocol
H2
Server
54.153.172.152 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-153-172-152.ap-southeast-2.compute.amazonaws.com
Software
Match/6806.253aefe9185e4df0dd66de648f6f364d7e5424fc (i-0b519114ef66a3834) /
Resource Hash
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
server
Match/6806.253aefe9185e4df0dd66de648f6f364d7e5424fc (i-0b519114ef66a3834)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
image/gif
content-length
43
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
server
Match/6806.253aefe9185e4df0dd66de648f6f364d7e5424fc (i-0b519114ef66a3834)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2230631680262455077259
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
expires
-1
img
pix.us.criteo.net/img/ Frame 9E96 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2347 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=55863995706537&bg=!GhmlGV3NAAba2mK92to7ACkAdvg8WrMTo3I-p0EDj7bjAqeme4vhaxrq3pFe9bpTM6bvAGRWkCwzKAIAABVJUgAAAAJoAQeZAwcSTOkfcdpq-YCb9mFaSQ-zOj8h1scr0D6bqkmydCeAb57B9m1Q0-zyM19gdqTiOOPj9zU60kUNRg4c22JXFW4S6b2FIZj_SV8I1sNF3a8n5ddRnMTL_1d1avklTFKVq5TPoCW8f52wRV4_Ykz16r-HfBxuNvqd8Gz3a0DfXXsOwN2tLZPevvwyDAlyu-IWtjPZDWYx0R8-6JqoVk6iiyBZ9GTXTjh_t_HGfOlcI8OPxZ6l-cCBRkenDU0uV4izSTryYCeZB0K0xMBVUh-zkQ0eDA97DnAnjzoavuD1Syky9PXckx6mGJ0if3iskURYBpsAzrhl2bKr4eak4d-YkcMHN-ceMsQ__UGrGdSnaol_SKN3uonCIVS5Z5TTBgEEXaSGACFLeFw15ZYTy0OtMXSE2sHZ8FuwvA3Gv_l2LIBRQN4EFg6U0nwTo25deChfVvC1nHYf7-XI1TjByznySreY9j9eBrJICmFNesztX02R6WStMcv9DuNKfatgTTHIqxp_TNlY5VR1pb7yzsH7APjzKuQiPXeKN283p6G8U0McdR0xUJn8TKtKCKAaKZUkUf9C5382QkoT56oB_aR9POOsjTRPCQGBlegLhHoapNLx8AZBXkEEJAG5KLAV3XM-eJnJhfFT8JU1do33g-uxhoRNkg6cQH3mkkliXaRQK7ZIjjDH6DeeVEMsxg9B0MuWpMiA0KCGVL2nEzWV6wbtL4CebZQqm-uKtJ4fEIUuqB7ijWwN3tGd4g2BvvnfZ1jhzDTS5--U3kTP_Xyb_bfbfZ3lMp6Gs_7thli1_Up2W-NYzFjmyHIIpQffheuMyTi0wwmMbBqi1OsovjUQgxfYoSCBZJOvMryuGJ1Uyar275K6Cqul-pK1WcPo9HegwqDkuJ9LU5NfP4DGGVPe_BSXt_bN3O66PWGln-rF4zy8obMQlIBnoXJjmbTu9hmOxsKiMOPuwBWcAwp5xU5sflxzh6t8RgKG_hf5gMK-xIUDYxHogAw60ynpNIBUtKUd8cZRfezLKMZoAad7
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FD0 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=39731558065206&bg=!srGlsfXNAAba2mK92to7ACkAdvg8WkbS_pbtVdffpppiHMSidTl2Pk7Yj_zObqDBTKBe_5ReRbI7MQIAABWNUgAAAAJoAQcKAAlLnztIUHTm-hOZAwzK7GDUM2tapfEVRNJvZrPNLe0SyFnBAKMhe1OkWpsRkADBhlfeApN-tz5aECWAieruKVGMpgVgjcAPfD7LuuQYRamnD7U1kt9-cfwdV3H7jJmfjH--1s_x9_oe-SxIcNXi41G7HLRLP1y9Tg3jtPoCN1lcKCabp2t2GH6ahCOoLGUTua43wLIEBSQprEoCBx-FyYHcAnVvMU6GB_cjS6xwzETC1byDLqAITFMGo1pQt19Giu8KdKUtotjR-aoCjpEk4NSUOfWv-WnSGlMnunA6zvo7YqzeFccAx4rkUwMDNIEEWWD_TB5Kfp3BPszzq9S6upehk5SfJeYXWsl5UtfJN8AW-76cGcnkFOra3dKAVBHHyBJtlCSLZOsEP37_11rLlFRCL3r6MhEFBxxrJC7On3ptHAb6LGRH-ftwk9aqOPSRipnmt6VQZ5vb1SA_xqGueUgLjyX-U4KormMuI_Njfw32ZsDkUO1lEzurI_2X5y29PlofAnt-D5Rk7s1l8PDR_KlKO9olpdB4LudESIzDWbAoRc9gqih6vpNdQLUPtO2bcrk506W8LUskri5AZ_dT_ue5z_kpDM4U2BexvQameJC71oZ7-ge196aNkWBQsLxseUSeCA1_zWzhegXLpmxT4ExLY-3kK7_iV3BQ7AADm8GSpNfo9RCviet8KMhVoshPTzH7BJY5v0wFEkdEyUwPiwnGAFZdPp6lfk9KEXMzwz1jci6M-TX94Yhjk3LJ4ErigGwWjnBMnfN5oQR6g1_VF3WpCfEe9lDHO1gXDtHynyEttWO337K10on_kNODYohKzB6g_FyHmFx5SmgZweg7RoUAm_t8f8T3zScqC2rLLxopXseZ3Ek2Pr1F4YYl5AYK0Khfsu79GsWa9SxSpQVNLSH6fICPrCW0J-t8bMVJ9klcr4z-xMZ2KLSdCCA8Uak6h8Nwmby1sCQuP6dJ9RvgYLoIJOydRq2A5or4rP4Bj7POKqLpZ-neyGp2Aq-oi7-nlTVsm3n4JXE3rxZ21HtAPfiJ6q4QW5BEENU
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pix.us.criteo.net/img/ Frame 42DB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:44 GMT
img
pix.us.criteo.net/img/ Frame C95D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:44 GMT
300x250.jpg
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/backgrounds/phone/ Frame 8555 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/backgrounds/phone/300x250.jpg
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a8b41d8149a46915977c6303f7a0711812582a9a4347fa612026e1406f88c18a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"af5e1a474156826122e5284ce258eb93:1647547190.021279"
content-length
20666
content-type
image/jpeg
Lato-700.ttf
gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/Lato/ Frame 8555 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/Lato/Lato-700.ttf
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/madnessGallery/300x250.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678

Request headers

Referer
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/madnessGallery/300x250.css
Origin
https://gsm-adverts.betstream.betgenius.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Thu, 17 Mar 2022 19:59:47 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"85d339d916479f729938d2911b85bf1f:1647547187.210588"
content-length
73316
content-type
font/ttf
Lato-900.ttf
gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/Lato/ Frame 8555 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/Lato/Lato-900.ttf
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/madnessGallery/300x250.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8944da5a861ece00185fa173ea65324e7d4797aa863c6fa0f03e066805974b6c

Request headers

Referer
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/madnessGallery/300x250.css
Origin
https://gsm-adverts.betstream.betgenius.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Thu, 17 Mar 2022 19:59:47 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"e631d2735799aa943d93d301abf423d2:1647547187.212998"
content-length
69484
content-type
font/ttf
Lato-400.ttf
gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/Lato/ Frame 8555 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/Lato/Lato-400.ttf
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/madnessGallery/300x250.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1

Request headers

Referer
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/madnessGallery/300x250.css
Origin
https://gsm-adverts.betstream.betgenius.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Thu, 17 Mar 2022 19:59:47 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"2d36b1a925432bae7f3c53a340868c6e:1647547187.20322"
content-length
75136
content-type
font/ttf
sync
x.bidswitch.net/ Frame ABC7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7c645530-439f-430f-be08-f3bda86d545b&ssp=between&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10616532434342100225&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=af231e30-3711-4eea-abed-7905c7506b1d&ssp=between&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214200604094006073608&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10616532434342100225&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10616532434342100225&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10616532434342100225&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=160&fi=0&apd=385&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=1&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=160&fi=0&apd=385&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=2&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=160&fi=0&apd=385&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=3&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=160&fi=0&apd=385&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=4&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=160&fi=0&apd=385&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=bs&os=1&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=5&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=160&fi=0&apd=385&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=bs&os=1&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=6&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=450&fi=0&apd=675&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=7&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=450&fi=0&apd=675&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=8&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
moat.xgi
m.dlx.addthis.com/m/ Frame 8EA9 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.dlx.addthis.com/m/moat.xgi?m=1&iv=0&tuv=0&hov=0&cik=0&tuh=0&th=0&d=dailymail.co.uk&url=https%253A%252F%252Fwww.dailymail.co.uk%252Fnews%252Farticle-2187999%252FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pcact=stackadaptdisplay515602019759&cid=30&advid=13935&caid=214464&sid=156&pid=pub-6384385731055605&crid=&w=160&h=604&sw=1600&sh=1200&bfa=0&tet=160&dev=dk&apd=385&s=0&ts=0&os=1&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&S3id=pub-6384385731055605&ord=1647594763486&pm=0&r=796068063137&mi=0&n=541798959&t=meas&type=display&fi=0&fvt=0&gmv=0&ui=0&uit=0&div=0&piv=0&bedc=1&q=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Mar 2022 09:12:44 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
moat.xgi
m.dlx.addthis.com/m/ Frame 8EA9 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.dlx.addthis.com/m/moat.xgi?m=1&iv=0&tuv=0&hov=0&cik=0&tuh=0&th=0&d=dailymail.co.uk&url=https%253A%252F%252Fwww.dailymail.co.uk%252Fnews%252Farticle-2187999%252FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pcact=stackadaptdisplay515602019759&cid=30&advid=13935&caid=214464&sid=156&pid=pub-6384385731055605&crid=&w=160&h=604&sw=1600&sh=1200&bfa=0&tet=160&dev=dk&apd=385&s=0&ts=0&os=1&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&S3id=pub-6384385731055605&ord=1647594763486&pm=0&r=796068063137&mi=0&n=632688626&t=hdn&type=display&fi=0&fvt=0&gmv=0&ui=0&uit=0&div=0&piv=0&bedc=1&q=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Mar 2022 09:12:44 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
moat.xgi
m.dlx.addthis.com/m/ Frame 8EA9 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.dlx.addthis.com/m/moat.xgi?m=1&iv=0&tuv=0&hov=0&cik=0&tuh=0&th=0&d=dailymail.co.uk&url=https%253A%252F%252Fwww.dailymail.co.uk%252Fnews%252Farticle-2187999%252FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pcact=stackadaptdisplay515602019759&cid=30&advid=13935&caid=214464&sid=156&pid=pub-6384385731055605&crid=&w=160&h=604&sw=1600&sh=1200&bfa=0&tet=450&dev=dk&apd=675&s=0&ts=0&os=1&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&S3id=pub-6384385731055605&ord=1647594763486&pm=0&r=796068063137&mi=0&n=940990632&t=nht&type=display&fi=0&fvt=0&gmv=0&ui=0&uit=0&div=0&piv=0&bedc=1&q=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Mar 2022 09:12:44 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0FB2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 05:49:22 GMT
expires
Sat, 18 Mar 2023 05:49:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
12202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame DB13 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fISraw
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDFB 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:44 GMT
index.html
s0.2mdn.net/8347514/1646342969228/ Frame 125D 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8347514/1646342969228/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8de4f5c266624f0b90b29d0e724404aaaccfc302e57b42cdc9a16983d7d9379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
5052
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 11:10:36 GMT
expires
Fri, 18 Mar 2022 11:10:36 GMT
cache-control
public, max-age=86400
age
79328
last-modified
Thu, 03 Mar 2022 21:29:29 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame DDFB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstz0s7_X8Itts5AhTHugS_TBsDMEx48hlNGHVRi1iAYKFLnu00CT6pbJA7poNU15nUxQpwyuMLKh1OVhJP-5teOSBLwJb_6sjrQs0oeAN5EXN7pdLZGeChwS5Q9Ct9lhPuCj2GyN7nIvOO44SAI9IkJCEA&sig=Cg0ArKJSzLbcSS0S89OWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&cbvp=1&cstd=281&cisv=r20220316.54258&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6103.3128940STACKADAPT1/B27369999.330334713;dc_ver=85.248;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=2822073652;ord=ld0eji;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Fwww.dailymail.co.uk$2,,https%3A%2F%2Fwww.dailymail.co.uk%2F$0;xdt=1;crlt=!yTTu-bsV3;sttr=933;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
async_usersync
ib.adnxs.com/ Frame 653A 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cc2cf3a4-e126-4ea5-82b1-214db6806edc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cv
east.srv.stackadapt.com/ Frame 8EA9 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://east.srv.stackadapt.com/cv?aid=1-5231-164759475895511090205804-1&iidx=0&cv=%20%22%22&iv=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9d5b5b2a54dee47fe4117475ae2fb55956009f92a
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.188.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-188-195.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:44 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
fc74e10d65c64b92d15ca728390997d6.js
s0.2mdn.net/8347514/1646342969228/ Frame 125D 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8347514/1646342969228/fc74e10d65c64b92d15ca728390997d6.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8347514/1646342969228/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7319048fca57cded14b47792bfc345501c0d90d34b0e104432f1549079f9267d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/8347514/1646342969228/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 11:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21535
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 21:29:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 11:10:36 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 8635 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 23:39:42 GMT
dot.gif
s0.2mdn.net/ Frame 8635 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 05:35:00 GMT
x-content-type-options
nosniff
age
13064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Mar 2022 05:35:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8635 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgwRZE9Z16X3PloLhvP3-QZktR01q-JbZX7QD4arTwB40eYgfApReJpzrT_x2J6JTxjIA4Xxo9PFLriZ5e1NA&sig=Cg0ArKJSzDU1KFIGpBsjEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D7253%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1647594762453&avm=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D...
ade.googlesyndication.com/ddm/activity/ Frame 8635 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D7253%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1647594762453;ecn1=0;etm1=0;eid1=200101;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0...
ade.googlesyndication.com/ddm/activity/ Frame 8635 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D7255%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1647594762453;dc_rfl=2,https%253A%252F%252Fwww.dailymail.co.uk%252Fnews%252Farticle-2187999%252FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%240;ecn1=0;etm1=0;eid1=210001;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D52,0,0,0,0%26mtos%3D52,52,52,52,52%26amtos%3D0,0,0,0,0%26m...
ade.googlesyndication.com/ddm/activity/ Frame 8635 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D52,0,0,0,0%26mtos%3D52,52,52,52,52%26amtos%3D0,0,0,0,0%26mcvt%3D52%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D52%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D52%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D52%26dfvs%3D52%26dvpt%3D52%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D7258%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,52;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1647594762453;ecn1=0;etm1=0;eid1=210006;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3CC1
Redirect Chain
  • https://rtd-tm.everesttech.net/upi/?sid=QYNMgZCWoe2wivPIO6T0&cs=1
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWpSTS1nQU42NlduU0FBeQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWpSTS1nQU42NlduU0FBeQ
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1647594765.564521,VS0,VE8
x-served-by
cache-ewr18122-EWR
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWpSTS1nQU42NlduU0FBeQ
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
p
ads.scorecardresearch.com/ Frame 3CC1 		64 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.scorecardresearch.com/p?c1=9&c2=7213269&c3=2&c12=YjRM-gAN66WnSAAy&cs_xi=YjRM-gAN66WnSAAy&rn=1647594752948
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-122.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
Y9myDxcIPXqrQoVZgXsxcV8l-BxB7WaaTZgXzUD1xdN-mSBPyrF9yQ==
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 3CC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_cm&google_sc&google_hm=WWpSTS1nQU42NlduU0FBeQ%3D%3D
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_gid=CAESEARTuODML6v7n-vF_pp0HeM&google_cver=1
85 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_gid=CAESEARTuODML6v7n-vF_pp0HeM&google_cver=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2378
x-served-by
cache-ewr18122-EWR
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1647594765.684517,VS0,VE0
content-length
85
x-cache-hits
5372

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_gid=CAESEARTuODML6v7n-vF_pp0HeM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
set
sync-jp.im-apps.net/imid/ Frame 3CC1 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=5661&tid=tid&uid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.69.76 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-69-76.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Fri, 18 Mar 2022 09:12:43 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 3CC1 		43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=94&partneruserid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tpid=YjRM-gAN66WnSAAy
bcp.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 3CC1 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.137.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-137-144.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.197
content-type
image/gif
content-length
49
expires
0
1
tapestry.tapad.com/tapestry/ Frame 3CC1
Redirect Chain
  • https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC618PFFTSZTCZWNT9NXT8H7&userid=YjRM-gAN66WnSAAy
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=945&ta_format=gif&ta_partner_did=E9FE735D19F4126ECDC057FCB7E06400
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=945&ta_format=gif&ta_partner_did=E9FE735D19F4126ECDC057FCB7E06400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
content-type
image/gif
alt-svc
clear
content-length
43
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
policyref=/static/w3c/p3p.xml, CP="DSP NON DEVo PSAo PSDo OUR BUS NAV COM STA UNI"
location
https://tapestry.tapad.com/tapestry/1?ta_partner_id=945&ta_format=gif&ta_partner_did=E9FE735D19F4126ECDC057FCB7E06400
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=15552000
cf-ray
6edcd92eed4ee6d0-EWR
content-length
0
trackdmgr
adtag.primetime.adobe.com/adserver/ Frame 3CC1 		0
0
ibs:dpid=411&dpuuid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 3CC1 		42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.99.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-99-187.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-01a04558f.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9Du3GlwwScA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cs
s.thebrighttag.com/ Frame 3CC1 		35 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?tp=0WCbX0j&uid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.15.109.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-109-176.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
private, must-revalidate
Connection
keep-alive
X-BT-RequestId
924e9d10-a69b-11ec-98b4-0000ac17032d
Content-Type
image/gif
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid
cs.vdopia.com/ Frame 3CC1 		0
0
um
sync.teads.tv/ Frame 3CC1 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=9&uid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.11 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-11.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Mar 2022 09:12:44 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
v1
match.sharethrough.com/sync/ Frame 3CC1 		68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
content-length
68
content-type
image/png
xuid
eb2.3lift.com/ Frame 3CC1 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=YjRM-gAN66WnSAAy&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
match
ad.360yield.com/ Frame 3CC1 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=73&external_user_id=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.166.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-166-156.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:44 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
t.gif
cw.addthis.com/ Frame 3CC1 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=116&pidt=0&pdid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.177 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-177.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Mar 2022 09:12:44 GMT
bct
mid.rkdms.com/ Frame 3CC1 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mid.rkdms.com/bct?pid=e5493167-5896-41c9-93c2-d2fe04715426&puid=YjRM-gAN66WnSAAy&_ct=img
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.170.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-170-190.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server
nginx
content-type
image/gif
expires
Thu, 01 Jan 1970 00:00:00 GMT
p-T1mksRPv1rGRh.gif
pixel.quantserve.com/pixel/ Frame 3CC1 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-T1mksRPv1rGRh.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame 3CC1 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=16421&user_id=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.93.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-93-37.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
4413
tags.bluekai.com/site/ Frame 3CC1 		62 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/4413?id=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:44 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
receive
pixel.tapad.com/idsync/ex/ Frame 3CC1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1026&partner_device_id=YjRM-gAN66WnSAAy
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=af231e30-3711-4eea-abed-7905c7506b1d&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73036983126550283923672921214654110234&pt=af231e30-3711-4eea-abed-7905c7506b1d%2C
95 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73036983126550283923672921214654110234&pt=af231e30-3711-4eea-abed-7905c7506b1d%2C
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

DCS
dcs-prod-va6-2-v030-0869376eb.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
BSZU0EoASnY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73036983126550283923672921214654110234&pt=af231e30-3711-4eea-abed-7905c7506b1d%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
insync
thrtle.com/ Frame 3CC1
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10064&vxii_pdid=YjRM-gAN66WnSAAy
  • https://thrtle.com/insync?vxii_pdid=YjRM-gAN66WnSAAy&vxii_pid=12&vxii_pid1=10064&vxii_rcid=a2603cc0-0c99-45d7-a530-cf71307404e8
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pdid=YjRM-gAN66WnSAAy&vxii_pid=12&vxii_pid1=10064&vxii_rcid=a2603cc0-0c99-45d7-a530-cf71307404e8
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
107.23.25.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-25-6.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
server
p3p
CP="NOI OUR BUS UNI COM NAV"
content-length
43
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?vxii_pdid=YjRM-gAN66WnSAAy&vxii_pid=12&vxii_pid1=10064&vxii_rcid=a2603cc0-0c99-45d7-a530-cf71307404e8
date
Fri, 18 Mar 2022 09:12:44 GMT
server
content-type
text/html; charset=utf-8
content-length
162
strict-transport-security
max-age=63072000; includeSubDomains
p3p
CP="NOI OUR BUS UNI COM NAV"
mw
mwzeom.zeotap.com/ Frame 3CC1 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&zdid=876&env=mWeb&cid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6edcd92f3af2d157-BUF
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
match
sp.adbrn.com/ Frame 3CC1 		0
0
b.php
www.facebook.com/fr/ Frame 3CC1 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YjRM-gAN66WnSAAy&t=2592000&o=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 02:12:44 PDT
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
jJp85VuXycr1ZzFhfHaL1GWBOvO7VJll5gH8RcUXEJWtDR8N8kD9l97ijJNL7NKrO63cX/EYwBN2Ame8kXxpOg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Fri, 18 Mar 2022 02:12:44 PDT
/
ps.eyeota.net/match/bounce/ Frame 3CC1
Redirect Chain
  • https://ps.eyeota.net/match?uid=YjRM-gAN66WnSAAy&bid=0rijhbu&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match/bounce/?uid=YjRM-gAN66WnSAAy&bid=0rijhbu&gdpr=0&gdpr_consent=
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?uid=YjRM-gAN66WnSAAy&bid=0rijhbu&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:44 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?uid=YjRM-gAN66WnSAAy&bid=0rijhbu&gdpr=0&gdpr_consent=
Date
Fri, 18 Mar 2022 09:12:44 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
req
cdn.navdmp.com/ Frame 3CC1
Redirect Chain
  • https://navdmp.com/req?prtid=17&tubid=YjRM-gAN66WnSAAy
  • https://cdn.navdmp.com/req?prtid=17&tubid=YjRM-gAN66WnSAAy
6 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.navdmp.com/req?prtid=17&tubid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6edcd930cc6fd15f-BUF
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript

Redirect headers

location
https://cdn.navdmp.com/req?prtid=17&tubid=YjRM-gAN66WnSAAy
date
Fri, 18 Mar 2022 09:12:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6edcd92f9b62d15f-BUF
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html
user-registering
ads.stickyadstv.com/ Frame 3CC1
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=db7e229ad35eb3dc2e863163a34c1f&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e5b13_7076365628441686317
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=f67a371d-f285-4ca2-be6f-f2af79502cb4
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZGI3ZTIyOWFkMzVlYjNkYzJlODYzMTYzYTM0YzFm&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEANgPZu7QG2V4JR0h1wFW9o&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAGn007EaJoAAAyap1piaQ&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/db7e229ad35eb3dc2e863163a34c1f?gdpr=0&gdpr_consent=&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-X4NHBfVE2oOc0Qs48lc8tR_vBZcSMk19478JQJzP~A
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=mXDI4agD1Nv8EU5
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=8af7dc84-a69b-11ec-9692-13cc52d00862
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6359460436251910749
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=9645647&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=8a1de752-a69b-11ec-92c5-fb53764b0872
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
0
0
47154.gif
idsync.rlcdn.com/ Frame 3CC1
Redirect Chain
  • https://idsync.rlcdn.com/367138.gif?partner_uid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=a41e6234-4cfd-4600-9afd-9c92d96c3201
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Date
Fri, 18 Mar 2022 09:12:44 GMT
Server
MT3 4256 109297d master ord-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:43 GMT
YjRM-gAN66WnSAAy
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI2NDIyMjM5/mpuid/ Frame 3CC1 		43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI2NDIyMjM5/mpuid/YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55986/ Frame 3CC1 		0
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
u
5d0b6.v.fwmrm.net/ad/ Frame 3CC1 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://5d0b6.v.fwmrm.net/ad/u?nw=381110&dpid=381110&buid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=&token=tubemogul
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f608:75dc:ec20:a692:551 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3CC1 		1 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug018:0:391
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
info
uipglob.semasio.net/oath/1/ Frame 3CC1
Redirect Chain
  • https://uipglob.semasio.net/tubemogul/1/info?sType=sync&sExtCookieId=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=&sInitiator=external
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg1MjQ0NjQvdC8w/url/https%3A%2F%2Fuipus.semasio.net%2Fturn%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%24%21%7BTURN_UUID%7D%26sInitiator%3Dinternal
  • https://uipus.semasio.net/turn/1/info?sType=sync&sExtCookieId=3142368608644553920&sInitiator=internal
  • https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&gdpr=false&sInitiator=internal
  • https://uipglob.semasio.net/oath/1/info?sType=sync&_sdv&sExtCookieId=y-ydooa01E2oOCHUjyQg9kd75H2nkz_f3QVRQ-~A&sInitiator=internal&gdpr=false
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/oath/1/info?sType=sync&_sdv&sExtCookieId=y-ydooa01E2oOCHUjyQg9kd75H2nkz_f3QVRQ-~A&sInitiator=internal&gdpr=false
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:45 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

date
Fri, 18 Mar 2022 09:12:45 GMT
via
http/1.1 spdc0101.pbp.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://uipglob.semasio.net/oath/1/info?sType=sync&_sdv&sExtCookieId=y-ydooa01E2oOCHUjyQg9kd75H2nkz_f3QVRQ-~A&sInitiator=internal&gdpr=false
content-length
0
adsct
analytics.twitter.com/i/ Frame 3CC1 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=YjRM-gAN66WnSAAy&p_id=6005
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
6
date
Fri, 18 Mar 2022 09:12:44 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
35610713b0a79fd7013feb8557ca313a4c4df9dc7920c1f232b49e31c993ee23
content-length
43
setuid
ib.adnxs.com/ Frame 3CC1 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f139aa92-9dcf-4c8b-bc3c-52b636c8752b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
p.rfihub.com/ Frame 3CC1 		42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:44 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
partners.tremorhub.com/ Frame 3CC1 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UITM=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:4bb:825e:5e5f:d97a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
genericusersync.ashx
sync.tidaltv.com/ Frame 3CC1
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=3129&id=YjRM-gAN66WnSAAy
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3129&id=YjRM-gAN66WnSAAy&s_h=1
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3129&id=YjRM-gAN66WnSAAy&s_h=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
2600:1f18:1c96:4102:49f3:ecb9:1797:d45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
server
Apache-Coyote/1.1
content-type
image/gif
x-xss-protection
1; mode=block
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
server
Apache-Coyote/1.1
location
https://sync.tidaltv.com/genericusersync.ashx?dpid=3129&id=YjRM-gAN66WnSAAy&s_h=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
sync
ups.analytics.yahoo.com/ups/55986/ Frame 3CC1
Redirect Chain
  • https://pixel.advertising.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=1&gdpr=0&gdpr_consent=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=1&gdpr=0&gdpr_consent=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YjRM-gAN66WnSAAy&_origin=1&gdpr=0&gdpr_consent=&apid=UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
date
Fri, 18 Mar 2022 09:12:44 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
PYUnd1ve
rtd-tm.everesttech.net/upi/extseg/pid/ Frame 3CC1
Redirect Chain
  • https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=-1389049342319734444;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs
  • https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1647594765.905584,VS0,VE8
x-served-by
cache-ewr18122-EWR
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

location
https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
cx
msec.xp1.ru4.com/ Frame 3CC1 		0
0
image.sbxx
ib.mookie1.com/ Frame 3CC1
Redirect Chain
  • https://global.ib-ibi.com/image.sbmx?go=252280&pid=368&xid=YjRM-gAN66WnSAAy
  • https://ib.mookie1.com/image.sbmx?go=252280&pid=368&xid=YjRM-gAN66WnSAAy
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=YjRM-gAN66WnSAAy&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=73036983126550283923672921214654110234
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=73036983126550283923672921214654110234
120 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=73036983126550283923672921214654110234
Protocol
HTTP/1.1
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:45 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS04
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Fri, 18 Mar 2022 09:12:45 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=244346&pid=268&xid=73036983126550283923672921214654110234
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS08
Content-Type
text/html; charset=utf-8
Content-Length
223
55772
i.liadm.com/s/ Frame 3CC1 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/55772?bidder_id=196348&bidder_uuid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.196.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-196-175.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:44 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
tubemogul
cm.t.tailtarget.com/ Frame 3CC1 		43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.t.tailtarget.com/tubemogul?uuid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, proxy-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
/
d.agkn.com/pixel/2611/ Frame 3CC1
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212124818&tm=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
  • https://d.agkn.com/pixel/2611/?puid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2611/?puid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
2600:9000:21da:3400:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:43 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
ZQCKvkJk8InYSjasT6eFUMEFqy89aue6DLixxt8slBEfcBNu1IMuHg==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
location
https://d.agkn.com/pixel/2611/?puid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
Q1-qaqmJXDmQwMeku78vESOcCTb_PWl0wTNOUhYq-2Mm48SPw4cnGw==
expires
0
usermatch.gif
beacon.krxd.net/ Frame 3CC1 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.244.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-244-219.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1647594764
x-served-by
beacon-n027-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
ib.adnxs.com/ Frame 3CC1 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=427&code=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1acffb5e-4377-42a9-80cd-642d90170b81
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3CC1 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
d.agkn.com/pixel/2185/ Frame 3CC1 		43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2185/?sync=1078&uuid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:3400:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
4hfL8sFWTkJpQZssp6IsFAyAA26-T-LKbWFaLzBy1uISme8TM7CZAw==
expires
Sat, 01 Jan 2000 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3CC1 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:12:45 GMT
sync
sy.eu.angsrvr.com/ Frame 3CC1 		0
0
current
tubemogul-sync.dotomi.com/match/pixel/ Frame 3CC1
Redirect Chain
  • https://tubemogul-sync.dotomi.com/match/pixel/current?networkId=87033&version=1&nuid=YjRM-gAN66WnSAAy
  • https://tubemogul-sync.dotomi.com/match/pixel/current?DotomiTest=6cfcab8dca6121a&is_secure=true&networkId=87033&version=1&nuid=YjRM-gAN66WnSAAy
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tubemogul-sync.dotomi.com/match/pixel/current?DotomiTest=6cfcab8dca6121a&is_secure=true&networkId=87033&version=1&nuid=YjRM-gAN66WnSAAy
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Server
2606:ae80:1451:19::1400 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
cache-control
no-cache, private, max-age=0, no-store
content-type
image/gif
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://tubemogul-sync.dotomi.com/match/pixel/current?DotomiTest=6cfcab8dca6121a&is_secure=true&networkId=87033&version=1&nuid=YjRM-gAN66WnSAAy
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
partner
sync.search.spotxchange.com/ Frame 3CC1 		43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YjRM-gAN66WnSAAy&img=1&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:45 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
35
Connection
keep-alive
Content-Length
43
tap.php
pixel.rubiconproject.com/ Frame 3CC1 		42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 3CC1 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=YjRM-gAN66WnSAAy&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.152.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-152-36.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.13.235
content-type
image/gif
content-length
49
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3CC1 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssf-HEgvYn347iiOigb4NJx8kiS0fojIhrC4eHWLjbTyGOXcQNg_zGttztS-_L07a9DOsXOrkhzlAcCHhQ5qgV2e-N7ziJY6uaDaul88Sx1W80sbNPaAQymMUdDpzjKHQBHU0xi&sig=Cg0ArKJSzBBd42isj594EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
event
moveinc.demdex.net/ Frame 3CC1 		42 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moveinc.demdex.net/event?d_event=imp&d_src=1052880&d_site=6411451&d_creative=155577335&d_placement=326554515&d_campaign=26100003&d_bust=468921871
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.107.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-107-88.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-0c495bd12.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
EyQHcd4fS5c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
imp
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/imp?cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&env=site&auth=ae3e20fed1a8f63f8dfe8934adb8e1ea&date=1647594752948&vinst=t&ssb=F&rt=HTML5&didtype=UNK&did=&PG=F&seller_id=9929&price=55FC6852F576BD07&mpKey=btXxJqnWClDtkAjBpZEd&conn=unknown&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&psId=3ULOuOEPIKm4jjXMIVZG&sessId=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&s=H4sIAAAAAAAAAAEgAd_-8xDX4lg6mFfNGypliqGgllOhauKdSCEGZUmCKQPpEiKxZKT0vtC78wCiamt1X9oCWDmO9451bBJj1rGisnBITjVCEn6_uajH4nmgTsNTUeAEWgza2RuDJIjYm4acnZ6KynLtuW1IZ014nddWQTNfIF4HUpRAhymeLPzO84rJkGVfuKvCMNavP7KqJmQIdSFFQtUcKBJsKPpeBM3qVMpc0C5YROMGa9lRlBtxaXSvsO9IuTcLLzQWxBLNHaTgN8Um2esuRr_vSk7TBLZTO210KIGjTcmbiwCfRG4nheUT_xBcKkdfteArA_YstECu77jrD0QDJ416g92OxVJPi4uFDouuuwn7zpRWlVntDsvGyE0KaUYdiXb0ZqO_0Uw0KcMbmcXdgyABAAA&ias_vid_mon=undefined&vver=20200211&udat=vpaidjs_proxy_js&apv=J20201012&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rurl=https%3A%2F%2Fwww.dailymail.co.uk&pw=445&ph=250&w=445&h=250&wd=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 varnish
x-pt
P=242
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18122-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:44 GMT
rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/rendercomplete?cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&env=site&auth=ae3e20fed1a8f63f8dfe8934adb8e1ea&date=1647594752948&vinst=t&rt=HTML5&didtype=UNK&did=&PG=F&seller_id=9929&price=55FC6852F576BD07&mpKey=btXxJqnWClDtkAjBpZEd&conn=unknown&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&psId=3ULOuOEPIKm4jjXMIVZG&sessId=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&s=H4sIAAAAAAAAAAEgAd_-8xDX4lg6mFfNGypliqGgllOhauKdSCEGZUmCKQPpEiKxZKT0vtC78wCiamt1X9oCWDmO9451bBJj1rGisnBITjVCEn6_uajH4nmgTsNTUeAEWgza2RuDJIjYm4acnZ6KynLtuW1IZ014nddWQTNfIF4HUpRAhymeLPzO84rJkGVfuKvCMNavP7KqJmQIdSFFQtUcKBJsKPpeBM3qVMpc0C5YROMGa9lRlBtxaXSvsO9IuTcLLzQWxBLNHaTgN8Um2esuRr_vSk7TBLZTO210KIGjTcmbiwCfRG4nheUT_xBcKkdfteArA_YstECu77jrD0QDJ416g92OxVJPi4uFDouuuwn7zpRWlVntDsvGyE0KaUYdiXb0ZqO_0Uw0KcMbmcXdgyABAAA&apv=J20201012&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rurl=https%3A%2F%2Fwww.dailymail.co.uk&pw=445&ph=250&w=445&h=250&wd=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 varnish
x-pt
P=275
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18122-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:44 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame 3CC1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=11;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/view?cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&env=site&auth=ae3e20fed1a8f63f8dfe8934adb8e1ea&date=1647594752948&vinst=t&rt=HTML5&didtype=UNK&did=&PG=F&seller_id=9929&price=55FC6852F576BD07&mpKey=btXxJqnWClDtkAjBpZEd&conn=unknown&pvId=1&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&psId=3ULOuOEPIKm4jjXMIVZG&sessId=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&s=H4sIAAAAAAAAAAEgAd_-8xDX4lg6mFfNGypliqGgllOhauKdSCEGZUmCKQPpEiKxZKT0vtC78wCiamt1X9oCWDmO9451bBJj1rGisnBITjVCEn6_uajH4nmgTsNTUeAEWgza2RuDJIjYm4acnZ6KynLtuW1IZ014nddWQTNfIF4HUpRAhymeLPzO84rJkGVfuKvCMNavP7KqJmQIdSFFQtUcKBJsKPpeBM3qVMpc0C5YROMGa9lRlBtxaXSvsO9IuTcLLzQWxBLNHaTgN8Um2esuRr_vSk7TBLZTO210KIGjTcmbiwCfRG4nheUT_xBcKkdfteArA_YstECu77jrD0QDJ416g92OxVJPi4uFDouuuwn7zpRWlVntDsvGyE0KaUYdiXb0ZqO_0Uw0KcMbmcXdgyABAAA&ias_vid_mon=undefined&vol=100&dur=-2&apv=J20201012&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rurl=https%3A%2F%2Fwww.dailymail.co.uk&pw=445&ph=250&w=445&h=250&wd=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
via
1.1 varnish
x-pt
P=161
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18122-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:44 GMT
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 0FB2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 23:39:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5920 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031501&jk=3514487170398668&bg=!ysmlyY3NAAba2mK92to7ACkAdvg8WnE9EXyLOiPuIwUMlrfHZSztfAEl159gPnpddK1TzfAqfAjsRAIAABQVUgAAAAJoAQcKADZfsigeYWdIBXdzR8DA3AYnBBMy8OzT9ItdFHJIzklE0uS1wLZoseUU3QRKWbZ1XkYXihHakF2ZAwXqDgNDljKJeWlbo-q4focQzmlv9G91YbPZCM9AvqUeDKMRs_xrk6XG3tRfrf7ewoGctAp-zQL8M4wXIqJPnADby-SrthpDp2fBj-ZeYVn9n7Aj8CAzKSVQblfheIvZlIbYc9C5lNKiZmdp4iYkTG7lLUwvMPWQZ_mJ5IL4so-Pgk5qoOFzVFXTz0M_h4zxqs3wfZOUPPZYAxpe07x0ONEzxtn-lwXGxhvrvJLHYopUmiTPdk6A7zT1z3Yz80bK5LZiwoH0wgU2iwvlCgplueYZbTeqJzlSRBlmqQTOggRKSOtUSCj0RBmbMOIwsQsexkP3qjzJDc_MTlKm_7PG_h9eeCCopSLteWljIhkHtspkE0fPIY3j8Qjs2oYBfzJiTsgDDr5sLfVbKkQcXStjBbnybWIVoYxKUMQRrvzUwviXuCq6ajg0EyWO4YlHBNxj63mqF7EL4mjCH_dYZsjBBpMg27P2BvDNSdtAn77Mw4RWuEPNaF2mLpHLwMrlU66PF9DEZmb5_fHq2zWBeNdcqyWq8SlO2NVa6mzi31Pqs1xwtkqvJquqgA36gzEVbw4AFlMzFhtBTdY5EPt9j9iCbeFPe6QcKulRks9kQWFmmncOdNfDCfr3gynih1K7C-O3mWOR7UBPXTkbAey7Vb7hUrfRCn_P3zI0DLqW6KiWV2B3Q-Ox8qnySzGqRDfgRSdO-ryCAyreTYn8i2s8oQzkVRdWUX2F7rQ1LcFhah9qv48q4Zy45cU2r1zQwWFA9ICoSCicby39Qpr17ND40AIEVg9FgbHO1h0qOjDO5LZh0oxG-3s6mOn5ofph98VVgiwd60MOuXkAsG7NzBNiVIer2KGZvbZzC3OcQnWvMtoi3GCXfddsSAppd0tlpmiinx9lyGlKBO277pVX4LDm4J_4aPF-8JtLlOEtaIimN0YNM15M6Wv57jQhcxpxJDmHhdQwuKbMDGsERnjaiFB_-vTc2oQREfzzbpj7qXqHY37MvF8CWxzZocHV2rXJDV2CE7wwwzVlq-i5sQ
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8EA9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPZrwhRC1MHrjsy35WNhI8zaXDo9JFbHE0wm2rtdM8pyNuzPewQobRRhKNl7qKgQxrjVRLSaegHiUBuOKV5Me8Lw&sig=Cg0ArKJSzAmYL3_B8MYLEAE&cid=CAASFeRoIo9bc8ffIhUQIaa5qRap9vTZyg&id=lidar2&mcvt=1078&p=0,0,603,160&mtos=0,1078,1078,1078,1078&tos=0,1078,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=643645107&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594758871&rpt=4735&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dbbbddc5-ed24-4925-900b-75939d078d97
beacon-nf.rubiconproject.com/beacon/v/ Frame 0B82 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-nf.rubiconproject.com/beacon/v/dbbbddc5-ed24-4925-900b-75939d078d97?oo=0&accountId=9929&siteId=205750&zoneId=1013472&sizeId=201&e=498E45A22EEBCA464E0BF6DEA43D9AFE656975290F286AD530A955EEA008854BD32742E72B45E6422B764EC1570DAADEF578604B693C4EDC6662DAAB5F7F14469D4E2DC39CC592672B6ED89EECBF02E17223860394502C912B45CA01C83F02A8136351AEAD6C502A7005B99FE90E9ADAB9F68E812C506987CF3AF149FA8158281657434059D60378FC3BE8685EBA97EB8AD30CD940CC457B78216A559332E0334EBB500829B065F7E7FDA1BF89AD9B3DC20E8ECB326E0E9D05A2E75FF5ACC319
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.67 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:43 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 0B82 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B08FT_0w0Yv3TN7yYoPwP5eGF4A79yMzwRQAAABABIJS1rUM4AVib49uogwRgye6Oi8CkjBCyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAYQBaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS0yMTg3OTk5L1dpbGwtMTQ4bS1FdXJvTWlsbGlvbnMtamFja3BvdC13aW5uZXItc2hhcmUtZm9ydHVuZS1sb25nLWxvc3QtaGFsZi1icm90aGVyLW1ldC5odG1smALoB8ACAuACAOoCNC80MjQzOTc1MDgvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AvLRHpAD4AOYA-ADqAMB4AQB0gUGENLR580UkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=N4Z-C3xY4EA&label=vast_creativeview&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D2268%26femvt%3D0%26emc%3D23%26emuc%3D0%26emb%3D22,0,0,0,0%26avms%3Dexc%26qi%3D825722249%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D16802%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1647594753953&sdkv=h.3.505.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MzE4ODc4MjYyDDEzODMyOTY0OTU2M0CWBQpBCAISIHByZWJpZC1zZXJ2ZXIucnViaWNvbnByb2plY3QuY29tGg5SdWJpY29uUHJvamVjdCADKgc0MjY1NjQyQDsKkQEIARIWYXNmLXRtLmV2ZXJlc3R0ZWNoLm5ldBoIUGxheVRpbWUgAiopclo4NHVWaUlMb0g5aHZPR0ZYa00udVBLVlc1amZENnJNR045TW5OWFEyFHVQS1ZXNWpmRDZyTUdOOU1uTlhRQJ4BUiUI9AMQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25IljpQAGABGAE.
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 0B82 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B08FT_0w0Yv3TN7yYoPwP5eGF4A79yMzwRQAAABABIJS1rUM4AVib49uogwRgye6Oi8CkjBCyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAYQBaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS0yMTg3OTk5L1dpbGwtMTQ4bS1FdXJvTWlsbGlvbnMtamFja3BvdC13aW5uZXItc2hhcmUtZm9ydHVuZS1sb25nLWxvc3QtaGFsZi1icm90aGVyLW1ldC5odG1smALoB8ACAuACAOoCNC80MjQzOTc1MDgvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AvLRHpAD4AOYA-ADqAMB4AQB0gUGENLR580UkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=N4Z-C3xY4EA&label=videoautoplayed&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D2268%26femvt%3D0%26emc%3D23%26emuc%3D0%26emb%3D22,0,0,0,0%26avms%3Dexc%26qi%3D825722249%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D16802%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1647594753953&sdkv=h.3.505.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MzE4ODc4MjYyDDEzODMyOTY0OTU2M0CWBQpBCAISIHByZWJpZC1zZXJ2ZXIucnViaWNvbnByb2plY3QuY29tGg5SdWJpY29uUHJvamVjdCADKgc0MjY1NjQyQDsKkQEIARIWYXNmLXRtLmV2ZXJlc3R0ZWNoLm5ldBoIUGxheVRpbWUgAiopclo4NHVWaUlMb0g5aHZPR0ZYa00udVBLVlc1amZENnJNR045TW5OWFEyFHVQS1ZXNWpmRDZyTUdOOU1uTlhRQJ4BUiUI9AMQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25IljpQAGABGAE.
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame 75A4 		287 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-38.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 03:16:12 GMT
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
server
nginx
age
1835792
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR53-C2
timing-allow-origin
*
content-length
287
x-amz-cf-id
Q9RDDiwD5A0bERQxJn_LYq6ML29Qr3f8nJEEVNfQJ_W24lZE5qS0ZQ==
expires
Sun, 27 Mar 2022 03:16:12 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 282E 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:39:43 GMT
expires
Fri, 17 Mar 2023 23:39:43 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
34381
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=11&i=MAILONLINE2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&k=&bq=11&f=0&j=&t=1647594748255&de=368340930201&rx=305135542903&m=0&ar=16e2d13da31-clean&iw=f4fab01&q=21&cb=0&cu=1647594748255&ll=2&lm=0&ln=0&em=0&en=0&d=5064879769%3A2904122127%3A5787369563%3A138377414314&cm=11&zMoatPS=mpu_left&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&bo=423397628&bp=22026445361&bd=mpu_left&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=22026445361&dfp=0%2C1&la=22026445361&gw=mailonlineprebidheader526476985912&fd=1&ac=1&it=500&pe=1%3A6335%3A6335%3A0%3A7697&iq=na&tt=na&jm=-1&fs=197504&na=607881952&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:45 GMT
css
fonts.googleapis.com/ Frame 125D 		10 KB
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Open+Sans:400|Open+Sans:600|Open+Sans:300
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8347514/1646342969228/fc74e10d65c64b92d15ca728390997d6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1546b2e0124573e8e8a820c235320f54730c1ea5396bc35b76d0259ada8e765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 09:12:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:12:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:12:44 GMT
42ceb410c5daa74ff7bb5bf434361bd3.jpg
s0.2mdn.net/8347514/1646342969228/media/ Frame 125D 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8347514/1646342969228/media/42ceb410c5daa74ff7bb5bf434361bd3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8347514/1646342969228/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38f32008646c4e60f1132c9c5b68c3636b92c672f44740b1c0a5bd3b0051c29e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/8347514/1646342969228/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 11:10:36 GMT
x-content-type-options
nosniff
age
79328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24804
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 21:29:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 11:10:36 GMT
2592bf9eb71de2e7382de0f01afc6029.jpg
s0.2mdn.net/8347514/1646342969228/media/ Frame 125D 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8347514/1646342969228/media/2592bf9eb71de2e7382de0f01afc6029.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8347514/1646342969228/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbde030cdeb53a320222db7e2af1465dcbf48fb28b96d330f64bdf2c89cc61d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/8347514/1646342969228/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 11:10:36 GMT
x-content-type-options
nosniff
age
79328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26498
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 21:29:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 11:10:36 GMT
d05e7a010395a437b4d7d8723d8b6e70.jpg
s0.2mdn.net/8347514/1646342969228/media/ Frame 125D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8347514/1646342969228/media/d05e7a010395a437b4d7d8723d8b6e70.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8347514/1646342969228/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1413e6306b949cefd16e74b58b6b47be075d1c83a0d77cd70b26cdd50efd5f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/8347514/1646342969228/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 11:10:36 GMT
x-content-type-options
nosniff
age
79328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 21:29:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 11:10:36 GMT
f625ec96f84f2292d31946db907624c8.svg
s0.2mdn.net/8347514/1646342969228/media/ Frame 125D 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8347514/1646342969228/media/f625ec96f84f2292d31946db907624c8.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8347514/1646342969228/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7718b70d9e00e10fef1effe9e82c3e386cd22ce5002392b7591403ab294d8f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/8347514/1646342969228/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 11:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7996
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 21:29:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 11:10:36 GMT
img
pix.us.criteo.net/img/ Frame EC20 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:44 GMT
dbbbddc5-ed24-4925-900b-75939d078d97
beacon-nf.rubiconproject.com/beacon/v/ Frame 0B82 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-nf.rubiconproject.com/beacon/v/dbbbddc5-ed24-4925-900b-75939d078d97?oo=0&accountId=9929&siteId=205750&zoneId=1013472&sizeId=201&e=4735AA5088F84B83656975290F286AD530A955EEA008854BD32742E72B45E6422B764EC1570DAADEF578604B693C4EDC6662DAAB5F7F14469D4E2DC39CC592672B6ED89EECBF02E17223860394502C912B45CA01C83F02A8136351AEAD6C502A7005B99FE90E9ADAB9F68E812C506987CF3AF149FA8158281657434059D60378FC3BE8685EBA97EB8AD30CD940CC457B78216A559332E0334EBB500829B065F7E7FDA1BF89AD9B3DC20E8ECB326E0E9D05A2E75FF5ACC319
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.67 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:44 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 0B82 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B08FT_0w0Yv3TN7yYoPwP5eGF4A79yMzwRQAAABABIJS1rUM4AVib49uogwRgye6Oi8CkjBCyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAYQBaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS0yMTg3OTk5L1dpbGwtMTQ4bS1FdXJvTWlsbGlvbnMtamFja3BvdC13aW5uZXItc2hhcmUtZm9ydHVuZS1sb25nLWxvc3QtaGFsZi1icm90aGVyLW1ldC5odG1smALoB8ACAuACAOoCNC80MjQzOTc1MDgvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AvLRHpAD4AOYA-ADqAMB4AQB0gUGENLR580UkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=N4Z-C3xY4EA&label=part2viewed&ad_mt=323&acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2268%26femvt%3D0%26emc%3D24%26emuc%3D0%26emb%3D23,0,0,0,0%26avms%3Dexc%26qi%3D825722249%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D16913%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1647594753953&sdkv=h.3.505.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MzE4ODc4MjYyDDEzODMyOTY0OTU2M0CWBQpBCAISIHByZWJpZC1zZXJ2ZXIucnViaWNvbnByb2plY3QuY29tGg5SdWJpY29uUHJvamVjdCADKgc0MjY1NjQyQDsKkQEIARIWYXNmLXRtLmV2ZXJlc3R0ZWNoLm5ldBoIUGxheVRpbWUgAiopclo4NHVWaUlMb0g5aHZPR0ZYa00udVBLVlc1amZENnJNR045TW5OWFEyFHVQS1ZXNWpmRDZyTUdOOU1uTlhRQJ4BUiUI9AMQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25IljpQAGABGAE.
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame 2682 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=brandcdn01&aid=brandcdn01&cid=0701&c=brandcdn01cont1&w=300&h=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-38.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 03:16:12 GMT
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
server
nginx
age
1835792
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR53-C2
timing-allow-origin
*
content-length
287
x-amz-cf-id
mQg3KxkpdAPfP515NQs5e6n5XNHWr1E3t41Kt9IaRMLfbWU2oBZQYQ==
expires
Sun, 27 Mar 2022 03:16:12 GMT
get
choices.trustarc.com/ Frame 2682 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-38.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 03:16:13 GMT
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
server
nginx
age
1835791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR53-C2
timing-allow-origin
*
content-length
739
x-amz-cf-id
w-MGRaAupKClqwaLBJcadSx1GBb-OzJyNizVNx5EMp4bIltVknEYJg==
expires
Sun, 27 Mar 2022 03:16:12 GMT
img
pix.us.criteo.net/img/ Frame AB97 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:44 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 125D 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Open+Sans:400|Open+Sans:600|Open+Sans:300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:46:05 GMT
x-content-type-options
nosniff
age
210399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 22:46:05 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ Frame 125D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Open+Sans:400|Open+Sans:600|Open+Sans:300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:54:38 GMT
x-content-type-options
nosniff
age
134286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:54:38 GMT
pixel.gif
px.moatads.com/ Frame 8EA9 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=STACKADAPTDISPLAY1&ol=778704324&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HmJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-wnHdlqV6USoP6g%3D%3D&sc=1&os=1-rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=604&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.dailymail.co.uk&lp=https%3A%2F%2Fwww.dailymail.co.uk&t=1647594763486&de=796068063137&cu=1647594763486&m=1474&ar=359f21c1e97-clean&iw=c0bfd0c&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=622&le=1&lf=528&lg=1&lh=299&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=96&vx=-%3A96%3A-&pe=0%3A2472%3A3021%3A0%3A4965&aa=1&ad=1224&cn=450&gk=0&gl=0&ik=0&ic=0&ez=1&co=1224&cp=1194&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1194&cd=675&ah=1194&am=675&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=13935%3A214464%3A1790735%3A643645107&bo=156&bp=dailymail.co.uk&bd=pub-6384385731055605&gw=stackadaptdisplay515602019759&zMoatOrigSlicer1=156&zMoatOrigSlicer2=dailymail.co.uk&hv=STACKADAPTDISPLAY1-sa_content&ab=3&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jh=3&jk=8&jm=-1&mr=6&ml=214464&tc=0&fs=197273&na=868634312&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=1224&fi=0&apd=1449&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=9&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=1224&fi=0&apd=1449&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=10&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
moat.xgi
m.dlx.addthis.com/m/ Frame 8EA9 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.dlx.addthis.com/m/moat.xgi?m=1&iv=1&tuv=1194&hov=0&cik=0&tuh=0&th=0&d=dailymail.co.uk&url=https%253A%252F%252Fwww.dailymail.co.uk%252Fnews%252Farticle-2187999%252FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pcact=stackadaptdisplay515602019759&cid=30&advid=13935&caid=214464&sid=156&pid=pub-6384385731055605&crid=&w=160&h=604&sw=1600&sh=1200&bfa=0&tet=1224&dev=dk&apd=1449&s=0&ts=0&os=1&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&S3id=pub-6384385731055605&ord=1647594763486&pm=0&r=796068063137&mi=0&n=158025816&t=iv&type=display&fi=0&fvt=0&gmv=0&ui=0&uit=0&div=0&piv=0&bedc=1&q=4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Mar 2022 09:12:45 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=1224&fi=0&apd=1449&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=div&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=11&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=1224&fi=0&apd=1449&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=div&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=12&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:44 GMT
moat.xgi
m.dlx.addthis.com/m/ Frame 8EA9 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.dlx.addthis.com/m/moat.xgi?m=1&iv=1&tuv=1194&hov=0&cik=0&tuh=0&th=0&d=dailymail.co.uk&url=https%253A%252F%252Fwww.dailymail.co.uk%252Fnews%252Farticle-2187999%252FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pcact=stackadaptdisplay515602019759&cid=30&advid=13935&caid=214464&sid=156&pid=pub-6384385731055605&crid=&w=160&h=604&sw=1600&sh=1200&bfa=0&tet=1224&dev=dk&apd=1449&s=0&ts=0&os=1&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&S3id=pub-6384385731055605&ord=1647594763486&pm=0&r=796068063137&mi=0&n=43319304&t=div&type=display&fi=0&fvt=0&gmv=0&ui=0&uit=0&div=0&piv=0&bedc=1&q=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6384385731055605&output=html&h=600&slotname=8308011259&adk=643645107&adf=2562983592&pi=t.ma~as.8308011259&w=160&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647594757840&bpp=16&bdt=1041&idt=1008&shv=r20220316&mjsv=m202203140101&ptt=5&saldr=sa&cookie=ID%3D097f060fc0340404%3AT%3D1647594749%3AS%3DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw&correlator=7778057433221&frm=23&ife=4&pv=2&ga_vid=1144404248.1647594748&ga_sid=1647594759&ga_hid=1344351996&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1292&ady=43&biw=1600&bih=1200&isw=160&ish=600&ifk=3389053537&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065469%2C31065545%2C31065636%2C44760495&oid=2&pvsid=1344519207341694&pem=370&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=1028&bc=31&ifi=1&uci=1.5e43nj27lz9t&fsb=1&dtd=1029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Mar 2022 09:12:45 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame DDFB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstz0s7_X8Itts5AhTHugS_TBsDMEx48hlNGHVRi1iAYKFLnu00CT6pbJA7poNU15nUxQpwyuMLKh1OVhJP-5teOSBLwJb_6sjrQs0oeAN5EXN7pdLZGeChwS5Q9Ct9lhPuCj2GyN7nIvOO44SAI9IkJCEA&sig=Cg0ArKJSzLbcSS0S89OWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=972&vt=11&dtpt=688&dett=3&cstd=281&cisv=r20220316.54258&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6103.3128940STACKADAPT1/B27369999.330334713;dc_ver=85.248;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=2822073652;ord=ld0eji;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Fwww.dailymail.co.uk$2,,https%3A%2F%2Fwww.dailymail.co.uk%2F$0;xdt=1;crlt=!yTTu-bsV3;sttr=933;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 282E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 23:39:41 GMT
/
sync3.sniperlog.ru/ Frame ABC7
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiNmtGRBlIFl4XSlAY*
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiNmtGRBlIFl4XSlAaiARCTGdZ-ppsR7KbpACWQyCQ3
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABiNmtGRBqIBEJMZ1n6mmxHspukAJZDIJDc*
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiNmtGRBqIBEJMZ1n6mmxHspukAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9319d67e-a69b-11ec-a6e9-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9319d67e-a69b-11ec-a6e9-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=ivgw%2FixEoHRGm7CNnxTugQ&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=ivgw/ixEoHRGm7CNnxTugQ&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=ivgw/ixEoHRGm7CNnxTugQ&extra2=aidata&google_gid=CAESEGDsdP8l4KBl7R6KYWo5m48&google_cver=1
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=ivgw/ixEoHRGm7CNnxTugQ&extra2=aidata&google_gid=CAESEGDsdP8l4KBl7R6KYWo5m48&google_cver=1
Protocol
HTTP/1.1
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:48 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=ivgw/ixEoHRGm7CNnxTugQ&extra2=aidata&google_gid=CAESEGDsdP8l4KBl7R6KYWo5m48&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22v%22:%7B%22p%22:50,%22t%22:1,%22def%22:%22iab%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:9.17,%22ts%22:1647594765044,%22bn%22:false,%22pixelId%22:%22r0cfp03xvf%22,%22ver...
aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/v/ Frame 87A6 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/v/%7B%22v%22:%7B%22p%22:50,%22t%22:1,%22def%22:%22iab%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:9.17,%22ts%22:1647594765044,%22bn%22:false,%22pixelId%22:%22r0cfp03xvf%22,%22ver%22:%22r-1.27%22%7D?cb=2643751
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CM30E0NJ9FSVFPDY0769
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame E643 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=1123969779730784&bg=!19Sl1JDNAAba2mK92to7ACkAdvg8WhpCH8tw2luTZ7PikRvRpOiTYic7AWG5iS6ir_KG5d5jUX06TgIAAAYaUgAAAAJoAQcKABbuOTlafU9vow1Aj35AWJt3VD78MsFRmQMP_k1dZHRrKUepmoTs48vhU3BRoeeOqwIWXJbjLbxaQWwFDkay7wB6zbKqu_tT_RP4wmyCr1RPnjeusLMsVEmWNVzNFbgLXOLGTTq6nT0hqEsWisQXxPf2qrJP_sIUh0M8Uc5ZXpm1MoJgCvZTNBzVV_cYzk6kYBi-RQgVlTmLQEAIGjYxTdgrsTe_m7GMltezaJ4fbhHPGojkFmgIz9JTBfzQ0iWGi4RjJjUi7VCUYh8lfJpO-Fs32zLo6Zor0r8WHFeJxRI_LuXSSqrkS4vM4Jjw-Jw1GeGsZEU0XDvU2PLQhSpFxqPX4iZaZp-bwjKhvhtN7vR-BoDU3R5oD6FgnqF5dAdjmfkQ5GFJVq3D1f25jW9MGpRsFwhpmYrDVxD_t3iSUxp9ofjcWYwppqjljD9Ftcc0_5v6Dvtzw1QCxdyHtrKLqTQcbGfKpYDsVHJ4DR-GCQw3ELCvMsDwGu7ztcFl5Jz_1MySu2viVWYdYn4baGgJoVyuD9jAyHTz666IbBYh-Fx398h4ApBdmWdFxERLaTt75OnTSiKsv8_IgpoBdpxOwxqb4AhYsYDo7bBH1IvePNEkEpRpDF4FXECDPwjxv5f6hEg1K2zART8cODVG6Sf9D8RCHEylGrXbdlQhJuoqt2u2oqQb8-8NVNwqAq6yRwQfN-ulbhTj4vnqLq16ZWAxDFuE7reUnTJ8EfnGO9ei6655bSefqbsneTEhHlSmRwPY4saZ3BTCJxUBGWzbMnPfhJ_f6ptmXHCIT1Va0IlSvkJ4AZ_tdqonJNDoV5hb_4DzCtIf9PIHsoBnJS5a-UcMF3XIw4C1gU25dIYN4JsV5YRYjHz5ppgqqEvd3xOm_xkWPujKVmUpSOU1sJBAUQT3Vm_u0c2iB1TYl-8nXZb38KG1XcTtLcmWS2wUfJhe7f28UTVn0mDnf4ReC-6VA8y7hN_mA29aTPPb7EJgvmVsZ3lssuIfkxpjdcJgTYIHhTVGaIL8-rbKMcYA281JpF-Ydacc9c1CZxx-aJjcgIbZH4LydBX3Rh-PMSZI
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F69D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyVAc26_xtjepxP9UJNg8IAV2W9mxFOa20zW9i5Bhyr4F6o2HwUuyc5gnuruHwkvCdnUoJZBmlUBzyFHojXKcR73hCnNvCFZ8OmqhWiPTMZdAuN2kzlEkor2L84zLrsED_pJ22RVHnUZ1v5FfAiUnm0qxnzaLutPuNY7ycxMsiZcOWtrvmkKiPwHLWVAihTbJpQDTPexOX--V-OBZZ7LuZGWWZ4xpnyLx8yrhvNppN2_3J9RZFJDHUQfOIq8OoE2KWQa2MYxlYV-JMFvXJ1IaBPQM5yv5zPSM5sfap2h9sw7gbYmSLPwtgReSG0Sr2Hdjd-AROAntv1ccQcQHN_Dj_XTPmNsr7Gw5L8oHr&sig=Cg0ArKJSzG8aGJZ6mMSfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Mar 2022 09:12:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F69D 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/show_ads_impl_fy2019.js?bust=31065636
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4a11786d85db42ed75d27c660ac1a7ad14c373d31a75c579ad6e5f9612ede37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10693
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.dailymail.co.uk%2F%2Fnews%2Farticle-2187999%2FIFRAME&i=MAILONLINE2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=6&h=92&w=638&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=318&gp=928&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&f=0&j=&t=1647594748255&de=799159559597&rx=305135542903&cu=1647594748255&m=16775&ar=16e2d13da31-clean&iw=f4fab01&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=928&lb=62021&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A6335%3A6335%3A0%3A7697&as=1&ag=15234&an=10736&gi=1&gf=15234&gg=10736&ix=15234&ic=15234&ez=1&ck=1230&kw=998&aj=1&pg=100&pf=100&ib=1&cc=1&bw=15234&bx=10736&ci=1230&jz=998&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15070&cd=9570&ah=15070&am=9570&xd=00&rf=0&re=1&ft=5703&fv=5703&fw=735&wb=2&cl=0&at=0&d=4423103019%3A2306985054%3A4673068018%3A138322672366&cm=0&bo=423397628&bp=21709825945&bd=para_top&zMoatPS=para_top&gw=mailonlineprebidheader526476985912&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=21709825945&dfp=0%2C1&la=21709825945&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=para_top&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&hv=moat%20slot%20tag&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jm=-1&tz=para_top&iq=na&tt=na&tc=0&fs=197504&na=5035895&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B4CF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuOljFdcKdE8Z38me4UlMyUE2XLxcwRdN3WYWyhZ20KdxlHzgh8cOmEe6FYXlFdW3ZGgI3_zB7Z-vUIt_TCVB6JI6ur-kMvM7r9fLGGmqAWLkSbZJZ3yyfuauRF11iVWc6zuPNNHk56ac-OlK2nKWI7xPxTXDS7C-kAwMpKten6DeTgfj0cLtcIRu7iHTvACxSLCk6SxvYZ49dM1pWg9DraGfJFVkw1n6jjl0EK-ibVLrPho-aYtLCCx9_uIDwV6cmfKMlG-IB_F_BkQodUjZPJpIjOkB79Ft7FPRROEC4yTNtyShMGN9BR6X0PCNH_mkp48il0NIJSwmevHCn98pn_VlpkJBa3c_FwQ&sig=Cg0ArKJSzEWoKnVK_f-gEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 18 Mar 2022 09:12:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F69D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/show_ads_impl_fy2019.js?bust=31065636
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:45 GMT
crossOrgInlinedMin.html
hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/ Frame 6D5F 		40 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/crossOrgInlinedMin.html?command=getCrossOrgUserId
Requested by
Host: hulkprod.anm.co.uk
URL: https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/register.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::172f:91c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3ef7857375d3e4cdba63beed810043d9b5774acd8260c20510fd3e94394793d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html; charset=UTF-8
content-encoding
gzip
service-worker-allowed
/
x-rs-ops
mol-fe-web-push-notification-c4-fe:8080
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
content-length
11923
cache-control
private, no-cache
expires
Fri, 18 Mar 2022 09:12:45 GMT
date
Fri, 18 Mar 2022 09:12:45 GMT
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28ad5bac26523862036259e0054db7148f83b85be90ed07a91e32a9e206a6a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10534
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73C2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:40:48 GMT
expires
Fri, 17 Mar 2023 23:40:48 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
34317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C7F5 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8e9819bdda22000b44611299b0642c137d0dc7e570ccac03fbac9b17cd5fc89
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PJq3dlwDOPBfBnCWtcUXew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:12:45 GMT
date
Fri, 18 Mar 2022 09:12:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-PJq3dlwDOPBfBnCWtcUXew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FB2 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXcW3C000Ys_iDqiSoPMPzZ6IoA0AAAAAOAHgBAI&bg=!19Sl1JDNAAba2mK92to7ACkAdvg8WleAcxQZDTua4FxW0_GpNUtoW9K5lmcFqUcJLpi5bMbSwjsKcAIAAAJMUgAAAAJoAQeZA3RpgoITDNNMz3Wfs605y485XuSV_vOafFE9Dn8hHgBNKIftqcHwC2QNDWXhqeCabGwGU3ta0i1IBBFzgw97YfBEQPZdiiy47K9oD0myw2nTcVd4i9dxDmf1ldbYLUK2g3pIp9FVuex3N2i2n5nra1yKvbpudlBDaaw59SEkRznhu0wq8JdJVNm9Ne5oH3XbrZQ_cFycgECh0UpBp1DZ9PUY3hQ4fEHI5VOlUOLEVOH6Xc94f3sJ7tY18B0F7gChyxqdgktCp1FffDfbFSpgAKa7-TjUucNUtNV6uk_CKlozsxD4Afe7WdMLu0-9qhHtgug1Ip9NMbRd7AqChT4CqApxLdgmZ61__uuT3B4CUaGlTcMY3rOi0EKUA91qnOsSikxqF3uUPNbAnrulCXxIWVURggUcPn1iVLk9_W8qroYCbEP6zeM8Fb-PFRSFzfUYuUBhLNooMdKp797Rf_5JJJ-xBFq8J-HrNqsej0o5qYNYma6VsSnhvy_FetEgdurQ0_dephAqbW4E6FZgQBwg6xMNEm99pyHl8ybu3OyjCe9CX7zPWJNVYBZe4y7s7WJcfKDu9xlXKLEqXkKU5vFOOjVIi8ugiQG-h36J8Ud7Hm9THhWlaiNRKlxjGNaDEKrwbM2CG8k9CbnR3TqxDB906-OEbxyNmtW0quX1nrvjXB0IreSo0M3vNbHEKtjoWey_xvT1TCN_7TM71wmVp3UPXWrAa-7Ry0TuiyfPdzO7LeRChNww0Hrrohzbw7WP1dffzDJZ5BwF8u8rBF5rDysdBiOUN-t6BGMuUiOxZWtla3dAiE34OfZ3nVY0RTQgG3m4PXuJ7hPMcj5Kwdy6Buc2syuV3iCDkN-y0nVZIzRfBdDFCaz24TtQA4QrN-Sxsjkb7PZJk9k4szImZqB447MHMkxj6BAT5eZTuGxw6sjQvN8SB_1nv16F-OwlCsia3BYXl395pzgSBVmFwcvzbO0ye1R4QbhHouZoY8-wWDcKTmwM_zWw6JVxXy_WEhoKYilQzXr-OH-pxh0lJHTLHd_LKEAFOifaIWBD8yEgqJqwuAMAJt7S3udV0CX5kJXdhXVRyy7X1Bg2TN7ZAYssb2kSCPJWwMIRD54mD0-oTHUWV7bT9ikGA989vsnCaYo-Epb_ikLVvw0Ngo22dw6VGDQLetYNKCOEVg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-semi-precious-rings%2F928229.jpg%3Fsw%3D350&v=3&w=400&s=mdzXVWQCsyA891nGueOMZtAO&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
79d47ef9c2e4543a78e3f00ad19d4b1c9ffd550f8fb69648d4cdb4cd94563aba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:45 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147710
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8596
expires
Thu, 31 Mar 2022 16:01:15 GMT
sw.js
www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/ Frame 		0
0
results.txt
mae7skvygojjeyrujuhq-pnblkx-aa4ddf5f7-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pnblkx3tf
  • https://mae7skvygojjeyrujuhq-pnblkx-aa4ddf5f7-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mae7skvygojjeyrujuhq-pnblkx-aa4ddf5f7-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
184.51.146.146 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-146-146.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:47 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://mae7skvygojjeyrujuhq-pnblkx-aa4ddf5f7-clientnsv4-s.akamaihd.net/eum/results.txt
Date
Fri, 18 Mar 2022 09:12:47 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
results.txt
eybp7saaaiaqijqacqnqaeyaabrditin-pnblkx-889d4ed95-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pnblkx3tf
  • https://eybp7saaaiaqijqacqnqaeyaabrditin-pnblkx-889d4ed95-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eybp7saaaiaqijqacqnqaeyaabrditin-pnblkx-889d4ed95-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2600:141b:13::17d7:82da New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:45 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://eybp7saaaiaqijqacqnqaeyaabrditin-pnblkx-889d4ed95-clienttons-s.akamaihd.net/eum/results.txt
Date
Fri, 18 Mar 2022 09:12:45 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B77C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:40:48 GMT
expires
Fri, 17 Mar 2023 23:40:48 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
34317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 29A9 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab34bb107501493ba04171ba083b0c868a99824d3e79aae063c72cd43b94dcb2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sYf35mAUErNVcp/FddLBcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:12:45 GMT
date
Fri, 18 Mar 2022 09:12:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-sYf35mAUErNVcp/FddLBcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
3700b9dcaaed4b3bb87e1f10b071645a_cpn_300x250_1.jpeg
static.criteo.net/design/dt/11589/220315/ Frame 45A5 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/11589/220315/3700b9dcaaed4b3bb87e1f10b071645a_cpn_300x250_1.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c784ea6897ad3d3cb8fdd3d56b13fe3661ba7f955b271d17e17d60bf7813579e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:45 GMT
last-modified
Tue, 15 Mar 2022 20:03:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6230f102-5ee0"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
24288
expires
Mon, 13 Mar 2023 09:12:45 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DDFB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSIVMldCQkG1GpqS2ZvkP92wu3bmW42UGv-RFWzR9RsXZj-15AaNG_SHtV1Lzb42uKYvefr9DowYE59jxLSirAap_2P5et&sig=Cg0ArKJSzLgSgx2gL2_REAE&id=lidar2&mcvt=1040&p=0,0,600,160&mtos=0,1040,1040,1040,1040&tos=0,1040,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=34&adk=2822073652&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594763189&rpt=1378&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C7F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220316&jk=1344519207341694&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 73C2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 21:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
300182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 21:49:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 282E 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.505.0&bgai=B_kmlA000YvSaGej7zgXt6KHoCgAAAAA4AeAEAg&bg=!IiGlIWXNAAba2mK92to7ACkAdvg8WkE2S4dhUFR8JU-Aj2UiHSzw-CGn9BIouoPiXINYvBzCgfF0KwIAAAIgUgAAAAJoAQcKAD4W7rSnvB00fA1peaTeEhX4BIQ6RWR1hdSvELU6w9LLK92vr19k1MTu4kciOqf8gpNHKd6GawGPesPHODGDyJkC9cjT9H3sUILsApTcEUAPaFsaijteOIoQ4M3D-uRsu0vSXqaGs7s1_T7T4JJRqtkYsuWoba4saiIqu5dyhJuri2xH7t3EEkpIDUzQOMkuJ0zpzkPiV6QEpbexzjnqr7PvQTO3Fu4I34_BVRcH5FjMU1jnlu4wmaKu146di8SnK43knGGiJ879nA9I1DK1jL08vPxqB_maYm0jqjvk24sTgAlKc8OsSkLtSY1pqn4MUKDbAkAVq0fsqP7XR0-otGkiWBljSaatZK6_L4sytOO7MOdAQ_2pEEqxvMDMEUxpkGyq6McP4MKxGMBanCx_KJ7NlbD5WVMU9pvSpbhOaxvdR81d7OtNK5mBcygwPb5IPDq_9PLLR3zXd3W-RQdLA3CywVXcSDRohkcMS_Nykrf6XhjCRhoztWclqthLfO1SAcePZquMPO0hNIiZkzKS4lfGfhYicAfRKL8YUhPiCUzKmd4PWdSqepybY-cijJWoi_MhARDXLsQ4GNlC9GONhnWIwyFxdbNS4HbA20PpBUBylPdHdTCCQJY6qNQpNTN50XenRPUNXhshehJA9kwU-qVALesI1iHuSpey_NCpVtsdxgz_Km7T26vn2IQKyZ49EqM7errlKATHYzsOOQPaauC86wai971cMxhW-oibe1FENqsjxF4raYisV4ISnjfDmApR1n8_8cwurA6_1mn71y9XdWWNetpC5wV6QfIY6dcCaYf5UYr2G34aPelwwaJiswAoXoQpGMNV6lX0wxTPcPFVaRkYmWTGhz6OKzzf3R75aPFocbWR93PRRPe_780sjdPh2khPvZxFlibbwiecdSQqQ3mBXwbfT344AEgAAWiFyMAFC3fdOMJm-dGvRTvgvV4IN2v220txckArWEXPOFOYA6s0BFYY0qIz_L1R_G4nP1InSllRdm9smnzk8yYp_dxWu03BgyP_A6cHRHAZcdKS-53jQ9OcZgc03xhKQkWmb1SOm0l7D0gWGxM6O5wRsSkHlm4zVxo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression
hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/analytics/track/prompt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/analytics/track/prompt/impression
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::172f:91c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html
content-length
1
cache-control
private, max-age=0
expires
Fri, 18 Mar 2022 09:12:45 GMT
date
Fri, 18 Mar 2022 09:12:45 GMT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.dailymail.co.uk
x-rs-ops
aka
sa
ted.dailymail.co.uk/s/ 		65 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ted.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a88::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
169f289044a1b0a8077d3ee1871252c112f371653667165954661bf7c44c4c27

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:45 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:45 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-a4-fe.hsk.mol.dmgt.net:8180
sa
t.dailymail.co.uk/s/ 		65 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
30c0253372b8980db69d60d719b25d92a1a6b17df9b2c56ba5d91fbe83f7aa27

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:45 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:45 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-c1-fe.rdg.mol.dmgt.net:8180
impression
hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/analytics/track/prompt/ 		8 B
768 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/analytics/track/prompt/impression
Requested by
Host: hulkprod.anm.co.uk
URL: https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/register.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::172f:91c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 18 Mar 2022 09:12:45 GMT
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:45 GMT
cache-control
private, no-cache
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
content-length
8
x-rs-ops
mol-fe-web-push-notification-c7-fe:8080
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=361407818&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ul=en-us&de=UTF-8&dt=Will%20%C2%A3148m%20EuroMillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20brother%20he%20has%20never%20met%3F%20%7C%20Daily%20Mail%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=push%20notification&ea=prompt%20impression&_u=6GBAAUABEAAAAC~&jid=&gjid=&cid=1144404248.1647594748&tid=UA-3639451-11&_gid=1969399204.1647594748&gtm=2ouab0&cd1=desktop&cd2=loggedout&cd3=emily%20allen%3Banthony%20bond%3Binderdeep%20bains%20for%20the%20daily%20mail&cd4=article&cd5=2187999&cd6=%2Fnews&cd7=will%20%C2%A3148m%20euromillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20brother%20he%20has%20never%20met%3F&cd8=2012-08-13&cd9=dailymail.co.uk&cd11=3503%3A9&cd12=513%3A403%3A16%3A16%3A0%3A25%3A53&cd13=23&cd14=%2Fnews&cd15=%2F&cd17=none&cd21=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F99.0.4844.51%20safari%2F537.36&cd22=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2Fwill-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&cd36=2022-03-18%2009%3A12%3A27&cd40=undefined&cd41=undefined&cd46=undefined&cd47=wv%3D1%2Cco%3D1%2Cdk%3D1%2Cdv%3D1%2Chu%3D0%2Cnz%3D1%2Cdw%3D1%2Cwb%3D1%2Cwi%3D1%2Cfr%3D1&cd49=eligible&cd50=17.14.3%3A6.2.0%3A6.25.0%3A6.13.0%3Afe_desktop_default%3A&cd52=guest%7C&cd94=false&cd96=ads%20shown&cd98=undefined&cg1=article&cd38=1144404248.1647594748&z=1292880244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 01:53:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26328
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 29A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031501&jk=3151125353826941&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame B77C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 21:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
300182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 21:49:43 GMT
OpportunityServlet
us-vid-events.taboola.com/ 		1 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_4_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:45 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
syncb
sync.bfmio.com/ Frame 09BF 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/syncb?gdpr=1&pid=170&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.97.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-97-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Mar 2022 09:12:45 GMT
/
trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame 09BF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.31%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7906240616
  • https://sync.1rx.io/usersync3/centro/2069.31/b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?zcc=0&sspret=1&rndcb=7906240616
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4-...
  • https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Fri, 18 Mar 2022 09:12:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1647594766.361098,VS0,VE20
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-ewr18169-EWR

Redirect headers

Date
Fri, 18 Mar 2022 09:12:46 GMT
Server
Tengine
ETag
RX073943707cd44c12a40bb3d6434dcf48005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Connection
keep-alive
Content-Type
text/html
/
sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 09BF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fappnexus-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1---
  • https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29912

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:46 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
671e3132-1396-4915-a78d-82698abb7fd1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncb
sync.bfmio.com/ Frame 23D8 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/syncb?gdpr=1&pid=170&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.97.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-97-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Mar 2022 09:12:45 GMT
/
sync.taboola.com/sg/sonobirtb-network/1/rtb-h/ Frame 23D8
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsonobirtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUID%5D
  • https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29912

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:46 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-59
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame 23D8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.31%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7929700500
  • https://sync.1rx.io/usersync3/centro/2069.31/b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553?zcc=0&sspret=1&rndcb=7929700500
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4-...
  • https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Fri, 18 Mar 2022 09:12:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1647594766.365243,VS0,VE20
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-ewr18169-EWR

Redirect headers

Date
Fri, 18 Mar 2022 09:12:46 GMT
Server
Tengine
ETag
RX073943707cd44c12a40bb3d6434dcf48005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Connection
keep-alive
Content-Type
text/html
/
sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 23D8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fappnexus-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1---
  • https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29912

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:46 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5e9c7a47-031f-4642-8d1e-bf659e1765ce
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame 4DAB 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?gdpr=1&callerId=4&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

content-length
0
date
Fri, 18 Mar 2022 09:12:45 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7482 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32856
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:46 GMT
vary
Accept-Encoding
sync
ssbsync.smartadserver.com/api/ Frame 91D5 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?gdpr=1&callerId=4&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

content-length
0
date
Fri, 18 Mar 2022 09:12:45 GMT
click
hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/analytics/track/prompt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/analytics/track/prompt/click
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::172f:91c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html
content-length
1
cache-control
private, max-age=0
expires
Fri, 18 Mar 2022 09:12:46 GMT
date
Fri, 18 Mar 2022 09:12:46 GMT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.dailymail.co.uk
x-rs-ops
aka
sa
ted.dailymail.co.uk/s/ 		65 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ted.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a88::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d1a48485a139699a76d160053b18be56636963d4a5e72ba422ae4d64b2fa9b68

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:46 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:46 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-a3-fe.hsk.mol.dmgt.net:8180
sa
t.dailymail.co.uk/s/ 		65 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0eeb085c48d45d08d4108175dd5b873f0c62591a8b8790c92935b3b2a1631f2f

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Mar 2022 09:12:46 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:46 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-c1-fe.rdg.mol.dmgt.net:8180
click
hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/analytics/track/prompt/ 		8 B
777 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/organisation/mol/analytics/track/prompt/click
Requested by
Host: hulkprod.anm.co.uk
URL: https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/register.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::172f:91c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 18 Mar 2022 09:12:46 GMT
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
expires
Fri, 18 Mar 2022 09:12:46 GMT
cache-control
private, no-cache
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
content-length
8
x-rs-ops
mol-fe-web-push-notification-c4-fe:8080
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=361407818&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ul=en-us&de=UTF-8&dt=Will%20%C2%A3148m%20EuroMillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20brother%20he%20has%20never%20met%3F%20%7C%20Daily%20Mail%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=push%20notification&ea=prompt%20choice&el=closed&_u=6GBAAUABEAAAAC~&jid=&gjid=&cid=1144404248.1647594748&tid=UA-3639451-11&_gid=1969399204.1647594748&gtm=2ouab0&cd1=desktop&cd2=loggedout&cd3=emily%20allen%3Banthony%20bond%3Binderdeep%20bains%20for%20the%20daily%20mail&cd4=article&cd5=2187999&cd6=%2Fnews&cd7=will%20%C2%A3148m%20euromillions%20jackpot%20winner%20share%20his%20fortune%20with%20long-lost%20half%20brother%20he%20has%20never%20met%3F&cd8=2012-08-13&cd9=dailymail.co.uk&cd11=3503%3A9&cd12=513%3A403%3A16%3A16%3A0%3A25%3A53&cd13=23&cd14=%2Fnews&cd15=%2F&cd17=none&cd21=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F99.0.4844.51%20safari%2F537.36&cd22=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2Fwill-148m-euromillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&cd36=2022-03-18%2009%3A12%3A27&cd40=undefined&cd41=undefined&cd46=undefined&cd47=wv%3D1%2Cco%3D1%2Cdk%3D1%2Cdv%3D1%2Chu%3D0%2Cnz%3D1%2Cdw%3D1%2Cwb%3D1%2Cwi%3D1%2Cfr%3D1&cd49=eligible&cd50=17.14.3%3A6.2.0%3A6.25.0%3A6.13.0%3Afe_desktop_default%3A&cd52=guest%7C&cd94=false&cd96=ads%20shown&cd98=undefined&cg1=article&cd38=1144404248.1647594748&z=1468296227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 01:53:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26329
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 73C2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OKbT3A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/ Frame 1D4F 		0
98 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=1&taboola_hm=B93E2E12-AA9E-4220-8310-B08598FC53B9&orig=video&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:46 GMT
x-fastly-to-nlb-rtt
29138
access-control-allow-credentials
true
generate_204
tpc.googlesyndication.com/ Frame B77C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c_Nmvw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F69D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqTIWZogZXwzNLwp7d6ogoDKPYGALYhuWTxlcIUVL2bnOGh8FKmS6dPhMam3S0fRx-gOqT33tSX93J-z3tTlTlGKWxs0w1B3R3buhK82cnJwy3XI59&sig=Cg0ArKJSzImD3MFKyn48EAE&id=lidar2&mcvt=1066&p=43,1292,643,1452&mtos=0,1066,1066,1066,1066&tos=0,1066,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=0.97&vu=1&app=0&itpl=19&adk=3514381609&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594756798&rpt=8386&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B4CF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqK8VOXYVBgfDH7R9D34BsFUWss6VCV1jKNWL1sSs-JKcvm6XOq6QVWYDHGaJ8QfpxwCG0adwkUe2y7NOjyl_xoX3quv6cgMRjxa5FDwvxj4AMOjFYJKNrVYzq_Q2TSS8EYcoRqhzxY8K0gv1C-bhdR15a9wWdz2XLadU3UnWhPJkXycRgEaJuff02WTOrHxlt4PTyOwRRNAjSzHN1a5zNq-_5kgeJR4fStJX_3wpNxJs4EoE1qz_ESWuKo5z_ZVbSHtFNV11wNdmEXipiyr5ZYfzgHbrtBWkP0DPmoyotMhuumnkp3VSg5AMjBhig5q8xnu7hT-OWOk0pSBKu9RoDcttNfwAeuAneN3BQgagTaw&sig=Cg0ArKJSzN9WLHpVB-czEAE&id=lidar2&mcvt=1077&p=638,8,888,308&mtos=0,1077,1077,1077,1077&tos=0,1077,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=0.93&vu=1&app=0&itpl=19&adk=2340058067&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594755465&rpt=9762&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22adCsm%22:[%7B%22ns%22:1647594755838,%22st%22:%22394.70%22,%22re%22:%22580.20%22,%22ldTot%22:%22185.50%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22ltvd%22:%22...
aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/ Frame 87A6 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/%7B%22adCsm%22:[%7B%22ns%22:1647594755838,%22st%22:%22394.70%22,%22re%22:%22580.20%22,%22ldTot%22:%22185.50%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22ltvd%22:%220.10%22,%22csmTot%22:%220.90%22%7D,%7B%22vdr%22:%222053.00%22,%22tdr%22:%222053.00%22%7D],%22pixelId%22:%22r0cfp03xvf%22,%22ts%22:1647594766348,%22ver%22:%22r-1.27%22%7D?cb=3731281
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XM7VYHAF84A89BPXPTC8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
/
crta.dailymail.co.uk/ 		8 B
452 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.11 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
server
http-to-kafka/0.8.11
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Fri, 18 Mar 2022 09:12:46 GMT
/
173bf10e.akstat.io/ 		0
205 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://173bf10e.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:a9c::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
content-type
image/gif
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:12:46 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8635 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgwRZE9Z16X3PloLhvP3-QZktR01q-JbZX7QD4arTwB40eYgfApReJpzrT_x2J6JTxjIA4Xxo9PFLriZ5e1NA&sig=Cg0ArKJSzDU1KFIGpBsjEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D2169,0,0,0,0%26mtos%3D2169,2169,2169,2169,2169%26amtos%3D0,0,0,0,0%26mcvt%3D2169%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2169%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D534%26pst%3D558%26dur%3D15018%26vmtime%3D2005%26dtos%3D2169%26dtoss%3D1%26dvs%3D2117%26dfvs%3D2117%26dvpt%3D2117%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D9375%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2169&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594762453
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D2169,0,0,0,0%26mtos%3D2169,2169,2169,2169,2169%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity/ Frame 8635 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D2169,0,0,0,0%26mtos%3D2169,2169,2169,2169,2169%26amtos%3D0,0,0,0,0%26mcvt%3D2169%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2169%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D534%26pst%3D558%26dur%3D15018%26vmtime%3D2005%26dtos%3D2169%26dtoss%3D1%26dvs%3D2117%26dfvs%3D2117%26dvpt%3D2117%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D9375%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2169;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594762453;ecn1=0;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0B82
Redirect Chain
  • https://rtd-tm.everesttech.net/upi/?sid=QYNMgZCWoe2wivPIO6T0&cs=1
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YjRM-gAN66WnSAAy&expires=90
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YjRM-gAN66WnSAAy&expires=90
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1647594767.744505,VS0,VE8
x-served-by
cache-ewr18122-EWR
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YjRM-gAN66WnSAAy&expires=90
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0B82 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuy_GhNAkDfUr_ilpJElf22oZ9QNrAB-B4Mcal0iKzQufYJ7NK6J78dl_0NG-h0rJqIoy10fVjJ1Zfv2m9feKaSIBsBspPDkkH8NhAgdbFX-73oz8Nxzl3JMCz81mVfuVxKAIuQL9LG908VJafbOT-E8wkTE8Hd2arI-yeKhi6zujJfuJfX_aAiu6Go8XbydZt6Cb7jli3F6oZS1K58kOpu1azSJB09DJ-zIBv4dk_9HswQuzQaQEnlZpY4Jyk4RVXjA2W07QCpMuX5cgzFVFArjqSIGRjo0bysrF-st31Ciot4m36hUXq0WaauJ0fY4lzbxY6x46CNBUqTSGPCpFOyxpWqY4XXTTqjdwH6kA&sig=Cg0ArKJSzFc22Y2GREUUEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&sdkv=h.3.505.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:12:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dbbbddc5-ed24-4925-900b-75939d078d97
beacon-iad2.rubiconproject.com/beacon/v/ Frame 0B82 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/v/dbbbddc5-ed24-4925-900b-75939d078d97?oo=0&accountId=9929&siteId=205750&zoneId=1013472&sizeId=201&e=CBADCB97774921C670C78EE45E20475225DBB96A9C45CDB26ADAC42766AC2DEDE8C90438367BC59EE60B421FEDB911C500C763CD161E704AE4A3E4CD38ACD5F7F84629A4AE9401F729ADFEA594FC14F37D57CC37354481C5F2D8D18E74D85E318661FD3E856964F5113FF98451AAD008232D3FD556131E56207E14201F1CE1CF0C7CA7D5DFC634468309604DF634DCD9CACB56A9F7C2A909C226F066AC0DDAF6D782D2087FAB8E13017B277504512F39AD4D8A0C0D6C54B2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::44 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:46 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0B82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAPdnAIGBJeFYsSus12_Om0&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAPdnAIGBJeFYsSus12_Om0&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAPdnAIGBJeFYsSus12_Om0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0B82
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YjRM-gAN66WnSAAy
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YjRM-gAN66WnSAAy
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647594767.757579,VS0,VE0
x-served-by
cache-ewr18122-EWR
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YjRM-gAN66WnSAAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 0B82
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f67a371d-f285-4ca2-be6f-f2af79502cb4&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f67a371d-f285-4ca2-be6f-f2af79502cb4&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f67a371d-f285-4ca2-be6f-f2af79502cb4&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 0B82
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=695
  • https://pixel.rubiconproject.com/tap.php?v=7206&nid=1197&put=53845701-5679-42cb-af55-faf54af017af&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7206&nid=1197&put=53845701-5679-42cb-af55-faf54af017af&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
server
Apache-Coyote/1.1
location
https://pixel.rubiconproject.com/tap.php?v=7206&nid=1197&put=53845701-5679-42cb-af55-faf54af017af&expires=30
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
tap.php
pixel.rubiconproject.com/ Frame 0B82
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a41e6234-4cfd-4600-9afd-9c92d96c3201&expires=28
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a41e6234-4cfd-4600-9afd-9c92d96c3201&expires=28
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f69a50991384d09413b97a37bb74928b
Content-Type
image/gif

Redirect headers

Date
Fri, 18 Mar 2022 09:12:46 GMT
Server
MT3 4256 109297d master ord-pixel-x51 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a41e6234-4cfd-4600-9afd-9c92d96c3201&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:45 GMT
tap.php
pixel.rubiconproject.com/ Frame 0B82
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=mXDI4agD1Nv8EU5&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=mXDI4agD1Nv8EU5&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:45 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0dbcefd936de3bf58@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=mXDI4agD1Nv8EU5&expires=30
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0B82
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGn007EaJoAAAyap1piaQ&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGn007EaJoAAAyap1piaQ&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGn007EaJoAAAyap1piaQ&expires=30
Date
Fri, 18 Mar 2022 09:12:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
tap.php
pixel.rubiconproject.com/ Frame 0B82
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OCWrorkGYl7Bdda46ymLbQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3851859134504202246
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3851859134504202246
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Content-Type
image/gif

Redirect headers

date
Fri, 18 Mar 2022 09:12:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3851859134504202246
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
impression
post.update.rubiconproject.com/2/873648/ Frame 0B82 		0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://post.update.rubiconproject.com/2/873648/impression?cb=1647594749&ip=96.9.249.42&ti=dbbbddc5-ed24-4925-900b-75939d078d97&pv=0f92143e-b24d-41a9-97d5-0cd9304a2ff1&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F99.0.4844.51%20Safari%2F537.36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.190.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-190-178.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
e.png
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/ Frame 0B82 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/e.png?e=win&aid=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&cp=2528462&slot=1&x_price=55FC6852F576BD07&ets=1647594750008&tz=America%2FLos_Angeles&source=rubicon&fc=1&fci=1&country=US&region=NY&mc=48&ap=0&ut=0&vis=UNKNOWN&site=3ULOuOEPIKm4jjXMIVZG&bp=852940&curr=USD&exr=1.0&fid=btXxJqnWClDtkAjBpZEd&c=4118135257&ccurr=USD&cuxr=1.0&a=460649&ca=721054&st=INSTREAM%7CINSTREAM_VPAID2_DESKTOP%7CVPAID_JS%7CUNIVERSAL_VIDEO&sh=225&sw=401&rid=4212&mp=163&psk=3ULOuOEPIKm4jjXMIVZG&cfc=0&cfci=0&dur=30&cityid=-1&metroid=26&countryid=232&postalid=5349&duration=30&v=1&auth=9jXHc7KxxVqydMJgxmnp5P1ncxQ&x_r=Nvs00w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.138.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-138-137.compute-1.amazonaws.com
Software
adobe /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
x-pt
P=328 0=0
content-type
image/png
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
server
adobe
expires
Thu, 01 Jan 1970 00:00:00 GMT
e.png
playtime-tm.everesttech.net/audit/ Frame 0B82 		80 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playtime-tm.everesttech.net/audit/e.png?event=blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (nya/795B) /
Resource Hash
bc614a222ee109e8bdb51477ae20a05f17c6fc97f61be458626cb1f600f521dd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:46 GMT
via
1.1 varnish
age
16254
x-cache
HIT, HIT
x-cache-hits
283
content-length
80
x-served-by
cache-ewr18122-EWR
last-modified
Wed, 06 Feb 2013 23:00:20 GMT
server
ECAcc (nya/795B)
x-timer
S1647594767.781638,VS0,VE0
etag
"1478688197"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
expires
Fri, 18 Mar 2022 06:37:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B82 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9iWY_Daj9vBGtGvdNh1gKSbZQ4Ei08Ooe1ykKugSXUo4AwmeA4SIbYgh9MW-qbGXD_yhUDS6cRnIr4BxpY4y6BQrZbyEpxlzuHJMaqU65RMX-QR20&sig=Cg0ArKJSzJ1fu-Ai54eaEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2268%26femvt%3D0%26emc%3D24%26emuc%3D0%26emb%3D23,0,0,0,0%26avms%3Dexc%26qi%3D825722249%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D16912%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1647594753953&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.dailymail.co.uk%2F%2Fnews%2Farticle-2187999%2F-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=0&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=12513&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=0&ag=76&an=0&gf=76&gg=0&ez=1&aj=0&pg=100&pf=0&ib=1&cc=0&bw=76&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12480&cd=0&ah=12480&am=0&dq=152&dr=0&ds=152&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&wx=RubiconProject%2CGDFP&wy=4265642%2C5531887826&wz=%2C138329649563&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=270196086&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:46 GMT
/
crta.dailymail.co.uk/ 		0
0
/
crta.dailymail.co.uk/ 		8 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.11 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
server
http-to-kafka/0.8.11
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Fri, 18 Mar 2022 09:12:46 GMT
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706965&noaop=3&sortOrderType=0&cb=1647594766826&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1377&pt=2025665367&tz=0&viewable=true&ddast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1182335&dpubid=161887&abtst=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
01d2f79f76c162b708feee3892b283cb057745d1f02c6ae63e3987ec3869f392

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
content-encoding
gzip
server
nginx
machineid
1162
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=1&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=12516&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=0&ag=76&an=76&gf=76&gg=76&ez=1&aj=0&pg=100&pf=100&ib=1&cc=0&bw=76&bx=76&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12480&cd=12480&ah=12480&am=12480&dq=152&dr=152&ds=152&dt=152&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1967308860&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F69D 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220316&jk=1344519207341694&bg=!n5ylnNjNAAba2mK92to7ACkAdvg8WqNVx9BHiZChS1C-N8jCzlaz_VzAnXAE5c802VZrYK6YFKoPPAIAAAHwUgAAAAJoAQeZAxV1xWaNsW7YgW6RwPMiL_hE6c1qhSz3pJsJiB5lB_Qz88K69Ny62j7YA5XpkJQ4dbekoFsAfKs4i_rXwoT9HmRfMY3MrHVbbyDovpMr2hRvpW90Duo_9AjCclj462vYHkmL4B68U0CZLn1D_hRKjSq3PTEqVuQ3YkNPpoQr2uZSEx2KiNdP__iG6KzSgClS98Zeeljr1QH3M-sTEml1_in2nsxTOkjIFJ5VvQDUvsbYLvCwKdz8C4saluuZuGV4HRahwJ2p9oM9NwwabS9tFxBd2joPYmxG_nyr_mULRHse6bjeASEFNY34l8X2_T_Sczg0_KcaEn5f08f2l2EKssmJ3Ycp1CydpLV08TeKH7iFJI944E8y7dYO7JE-bSC0SYppBS_YFJxmzVLocN7MQC-pMBB_4aPE8G5UT3RLlY6on5algWm1SXdqjShAdO6o3lef1ChBYyoq4rw3UJ3slkwxc3WffsYgCWxbeitwKpo1pBpRJHi8xickKytiV0R71WmPwVlvuodaVH6dzlixCQnyia3eAhXCdZl0oCt6xsJmHsHfBVX0rYZrO0Ke9u7PtS3tyb1zYFcLn05LAaijoa2vt_SPRa-gXkxa3DigXQ6pFb935sKx3nXxwOyv9xqMYQYoQysl1Z6tHlfOOdD5wlm52Yh3ClSE4Q3yZXCAxEnUf6zrexXiLy8tcbemSnrRTr-zyD8vZrQ6gNIKNpwi8CsfK4y9X80ga_gSrvw0A40_gCCSCEIBFrcr9VIhrr7ffFsEATlIdyjmcHynsN378knr7SG3cqXhFh0vzyN0AzUmfPsw289dTPPMFizjTMNn1Ct0hd1nASlanI6flcr1MGdxqWgcamSnUsK93Qvn-gBAI-nGEFBbDlMthd5QjjHXTWNhJNwxwxaQssO8fd4d1OwcC_JEviRzr_qe96V7NYc4KKXor4xLCJcSHziOm6QgYNcCvVMnGX7YVky3e6ou34OibM02GoyBDhCzAu_LHgCCyZjuCi56u11TkNHj2qiIgwlvLIN248hCWwEo6qVRWtNhGZ-c4qo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031501&jk=3151125353826941&bg=!REelRwPNAAba2mK92to7ACkAdvg8WooiB_hax-rfmgHB0uYup91PKadEGEVxVyZkqBgdgoQl2leyFQIAAAHrUgAAAAJoAQeZAsOfi38DaZ4lBKaY-WQQtYaE5T6_lIhTl4hoazFrYPEQh5CcIimUBFM3teEsGqWvrFQXX98ob4Zha8zyZspjaQBD3zQtIsOmWBtca1DMXC7Qbu6qq8eguVSypwkY629w_X_2eV91Q5NfCTBq1k3mBKsRS5lsu_a4tpYG-78ePlrhA7zoDUxT2H3wmtxRhd8r2L5pXBw7lg9iYl_LeqW8pCDGzliiFe7_EbFn3WhCL95tzLMczBrozDHV3vCVTdzAkXe7xraLvoH7bFu5GeK_rdm9STuwRK5IERbAbnpC1cI5cMaYZuObdqZyiotn60CeBdC6x_-7N1z5T5cRC1vbvGRxxkQ1HTC8GlpCZ_tqhe-qfXr_dkTkbavie2KFvz0evis4EGE2ZexZKb0ZBKgkgUQaX2GxPKJ72Qux-QQHCxsT32H9zsJttnLV9PAUFYdPnyxPTdiBjC4HyUfAHJI6bR425tOzf8FXh42PgzZ-q6LXJzDYkI6go2YdewWQ-E_S1RhygBeeYXgPY-3w4ODgzOboUnnBzdcLUPZ-4D9oI1qHbum2RaipJkcHQI97XtOGd1ATOiS5uoONOiQY78TJSRskFxIs2NjTu5yhSdi01Dd0rbubvR9P3yQbqUmRbE6h3tVZqz0IOY-Tw1WOzxl5yGqEAUpBz45IT6xHcAmt4BW4YgXIJC335PiKf0zmgVL1spH_eAUiQ06HAAFg7gjXMI7aIEF5vs7hkeVJqgCD1oEgJctYviw1Tvz9n5KBXy-LRN61ZdY_JKaepG5gs9IhUFkXjg9YQwIfwqeM1ewGfIetS9-6U6wD_PwlTwL5e0MIolLR5XKfZOb6zDFDc2afutx89xacHal1PRUpUDicFmWBQLAz1D1LQmBXdcHiNr65XmrGEbjlJvijHK-TC7XRFIU7Y4k6oaBjwsU0X115hUHSk01diw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B82 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9iWY_Daj9vBGtGvdNh1gKSbZQ4Ei08Ooe1ykKugSXUo4AwmeA4SIbYgh9MW-qbGXD_yhUDS6cRnIr4BxpY4y6BQrZbyEpxlzuHJMaqU65RMX-QR20&sig=Cg0ArKJSzJ1fu-Ai54eaEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D2171,0,0,0,0%26mtos%3D2171,2171,2171,2171,2171%26amtos%3D0,0,0,0,0%26mcvt%3D2171%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2171%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2171%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dtos%3D2171%26dtoss%3D1%26dvs%3D2171%26dfvs%3D2171%26dvpt%3D2171%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2268%26femvt%3D0%26emc%3D33%26emuc%3D0%26emb%3D32,0,0,0,0%26avms%3Dexc%26qi%3D825722249%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D19081%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2171&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594753953
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=fc90bebe-df0f-4783-9136-4dadff05fcca
Requested by
Host: 5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
URL: https://5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app/5aa8f0a2-0c93-444a-8596-5e5dce694b36-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b8ee35bfefe82938cf844829226d89e5e933c2668512ddf9426c912d728e1d5d

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:47 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
via
1.1 google
/
sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/ Frame A48E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fappnexus-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1---
  • https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28467

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:47 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b25c7e8b-e973-4d7a-9a11-5d0349f2cad7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync-t1.taboola.com/sg/appnexus-network/1/rtb-h/?orig=video&taboola_hm=6359460436251910749&us_privacy=1---
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.taboola.com/sg/sonobirtb-network/1/rtb-h/ Frame A48E
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsonobirtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUID%5D
  • https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28467

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-59
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame A48E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.31%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=720942884
  • https://sync.1rx.io/usersync3/appnexus/2069.31/6359460436251910749?zcc=0&sspret=1&rndcb=720942884
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4-...
  • https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Fri, 18 Mar 2022 09:12:47 GMT
via
1.1 varnish
server
nginx
x-timer
S1647594768.643429,VS0,VE19
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-ewr18169-EWR

Redirect headers

Date
Fri, 18 Mar 2022 09:12:47 GMT
Server
Tengine
ETag
RX073943707cd44c12a40bb3d6434dcf48005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
Connection
keep-alive
Content-Type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 96FC 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?gdpr=1&callerId=4&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

content-length
0
date
Fri, 18 Mar 2022 09:12:46 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5242 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32855
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:47 GMT
vary
Accept-Encoding
/
sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/ Frame 579C 		0
98 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=1&taboola_hm=B93E2E12-AA9E-4220-8310-B08598FC53B9&orig=video&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:47 GMT
x-fastly-to-nlb-rtt
28467
access-control-allow-credentials
true
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:47 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=2&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=13433&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=1003&an=76&gi=1&gf=1003&gg=76&ez=1&kw=13187&aj=0&pg=100&pf=100&ib=1&cc=1&bw=1003&bx=76&jz=13187&dj=0&aa=0&ad=893&cn=0&gk=893&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=13187&cd=12480&ah=13187&am=12480&dq=859&dr=152&ds=859&dt=152&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=0&vt=27&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=2054210682&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:47 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=3&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=13435&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=1003&an=1003&gi=1&gf=1003&gg=1003&ez=1&kw=13187&aj=0&pg=100&pf=100&ib=1&cc=1&bw=1003&bx=1003&jz=13187&dj=0&aa=0&ad=893&cn=893&gk=893&gl=893&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=13187&cd=13187&ah=13187&am=13187&dq=859&dr=859&ds=859&dt=859&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=27&vt=27&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=531701376&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:47 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=4&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=13638&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=1208&an=1003&gi=1&gf=1208&gg=1003&ez=1&kw=13187&aj=0&pg=100&pf=100&ib=1&cc=1&bw=1208&bx=1003&jz=13187&dj=0&aa=1&ad=1098&cn=893&gn=1&gk=1098&gl=893&cp=13407&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=13407&cd=13187&ah=13407&am=13187&dq=1079&dr=859&ds=1079&dt=859&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=27&vt=32&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1686771492&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:47 GMT
usync.html
eus.rubiconproject.com/ Frame D423
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&CACHEBUSTER=957517
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:48 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
date
Fri, 18 Mar 2022 09:12:48 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usync.js
eus.rubiconproject.com/ Frame D423 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:48 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22100
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D3907,0,0,0,0%26mtos%3D3907,3907,3907,3907,3907%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity/ Frame 8635 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D3907,0,0,0,0%26mtos%3D3907,3907,3907,3907,3907%26amtos%3D0,0,0,0,0%26mcvt%3D3907%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3907%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D781%26pst%3D558%26dur%3D15018%26vmtime%3D3907%26dtos%3D1738%26dtoss%3D2%26dvs%3D1738%26dfvs%3D1738%26dvpt%3D1738%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3907,3907,3907,3907,3907%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D23%26emuc%3D0%26emb%3D22,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D11114%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,3907;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594762453;ecn1=0;etm1=0;eid1=210002;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ Frame 3CC1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pct25
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/pct25?cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&env=site&auth=ae3e20fed1a8f63f8dfe8934adb8e1ea&date=1647594752948&vinst=t&rt=HTML5&didtype=UNK&did=&PG=F&seller_id=9929&price=55FC6852F576BD07&mpKey=btXxJqnWClDtkAjBpZEd&conn=unknown&pvId=1&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&psId=3ULOuOEPIKm4jjXMIVZG&sessId=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&s=H4sIAAAAAAAAAAEgAd_-8xDX4lg6mFfNGypliqGgllOhauKdSCEGZUmCKQPpEiKxZKT0vtC78wCiamt1X9oCWDmO9451bBJj1rGisnBITjVCEn6_uajH4nmgTsNTUeAEWgza2RuDJIjYm4acnZ6KynLtuW1IZ014nddWQTNfIF4HUpRAhymeLPzO84rJkGVfuKvCMNavP7KqJmQIdSFFQtUcKBJsKPpeBM3qVMpc0C5YROMGa9lRlBtxaXSvsO9IuTcLLzQWxBLNHaTgN8Um2esuRr_vSk7TBLZTO210KIGjTcmbiwCfRG4nheUT_xBcKkdfteArA_YstECu77jrD0QDJ416g92OxVJPi4uFDouuuwn7zpRWlVntDsvGyE0KaUYdiXb0ZqO_0Uw0KcMbmcXdgyABAAA&vol=0&dur=15&apv=J20201012&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rurl=https%3A%2F%2Fwww.dailymail.co.uk&pw=445&ph=250&w=445&h=250&wd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:48 GMT
via
1.1 varnish
x-pt
P=195
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18122-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:48 GMT
match
ads.betweendigital.com/ Frame D423
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=L0W7DGRS-P-64GH
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=L0W7DGRS-P-64GH
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=L0W7DGRS-P-64GH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=L0W7DGRS-P-64GH
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d0cea2fb47f5ddedaddf61763f0aedb4
Expires
0
perf
ch-trc-events.taboola.com/dailymail-us/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/dailymail-us/log/3/perf?route=US%3ACH%3AV&lti=explore-more-header-ab-test_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Islington, United Kingdom, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 0B82 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B08FT_0w0Yv3TN7yYoPwP5eGF4A79yMzwRQAAABABIJS1rUM4AVib49uogwRgye6Oi8CkjBCyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAYQBaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS0yMTg3OTk5L1dpbGwtMTQ4bS1FdXJvTWlsbGlvbnMtamFja3BvdC13aW5uZXItc2hhcmUtZm9ydHVuZS1sb25nLWxvc3QtaGFsZi1icm90aGVyLW1ldC5odG1smALoB8ACAuACAOoCNC80MjQzOTc1MDgvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AvLRHpAD4AOYA-ADqAMB4AQB0gUGENLR580UkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=N4Z-C3xY4EA&label=videoplaytime25&ad_mt=3907&acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D3698,0,0,0,0%26mtos%3D3698,3698,3698,3698,3698%26amtos%3D0,0,0,0,0%26mcvt%3D3698%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3698%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3698%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dtos%3D1527%26dtoss%3D2%26dvs%3D1527%26dfvs%3D1527%26dvpt%3D1527%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3698,3698,3698,3698,3698%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2268%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D39,0,0,0,0%26avms%3Dexc%26qi%3D825722249%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D20608%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3698&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594753953&sdkv=h.3.505.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MzE4ODc4MjYyDDEzODMyOTY0OTU2M0CWBQpBCAISIHByZWJpZC1zZXJ2ZXIucnViaWNvbnByb2plY3QuY29tGg5SdWJpY29uUHJvamVjdCADKgc0MjY1NjQyQDsKkQEIARIWYXNmLXRtLmV2ZXJlc3R0ZWNoLm5ldBoIUGxheVRpbWUgAiopclo4NHVWaUlMb0g5aHZPR0ZYa00udVBLVlc1amZENnJNR045TW5OWFEyFHVQS1ZXNWpmRDZyTUdOOU1uTlhRQJ4BUiUI9AMQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25IljpQAGABGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=5&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=14291&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=1642&an=1208&gi=1&gf=1642&gg=1208&ez=1&kw=13187&aj=0&pg=100&pf=100&ib=1&cc=1&bw=1642&bx=1208&jz=13187&dj=0&aa=1&ad=1532&cn=1098&gn=1&gk=1532&gl=1098&cp=13407&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14046&cd=13407&ah=14046&am=13407&dq=1718&dr=1079&ds=1718&dt=1079&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=32&vt=106&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1870176844&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:48 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=4809&fi=0&apd=5034&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=page5&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=13&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:48 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=4809&fi=0&apd=5034&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=page5&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=14&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:48 GMT
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:48 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:48 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
vimp
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/vimp?cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&env=site&auth=ae3e20fed1a8f63f8dfe8934adb8e1ea&date=1647594752948&vinst=t&rt=HTML5&didtype=UNK&did=&PG=F&seller_id=9929&price=55FC6852F576BD07&mpKey=btXxJqnWClDtkAjBpZEd&conn=unknown&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&psId=3ULOuOEPIKm4jjXMIVZG&sessId=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&s=H4sIAAAAAAAAAAEgAd_-8xDX4lg6mFfNGypliqGgllOhauKdSCEGZUmCKQPpEiKxZKT0vtC78wCiamt1X9oCWDmO9451bBJj1rGisnBITjVCEn6_uajH4nmgTsNTUeAEWgza2RuDJIjYm4acnZ6KynLtuW1IZ014nddWQTNfIF4HUpRAhymeLPzO84rJkGVfuKvCMNavP7KqJmQIdSFFQtUcKBJsKPpeBM3qVMpc0C5YROMGa9lRlBtxaXSvsO9IuTcLLzQWxBLNHaTgN8Um2esuRr_vSk7TBLZTO210KIGjTcmbiwCfRG4nheUT_xBcKkdfteArA_YstECu77jrD0QDJ416g92OxVJPi4uFDouuuwn7zpRWlVntDsvGyE0KaUYdiXb0ZqO_0Uw0KcMbmcXdgyABAAA&vw=0&vh=0&apv=J20201012&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rurl=https%3A%2F%2Fwww.dailymail.co.uk&pw=445&ph=250&w=445&h=250&wd=1&vwbl=t&vver=20200211&vpct=100&ifr=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:48 GMT
via
1.1 varnish
x-pt
P=199
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18122-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:48 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=6&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=14522&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=2092&an=1642&gi=1&gf=2092&gg=1642&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=2092&bx=1642&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=1982&cn=1532&gn=1&gk=1982&gl=1532&cp=13407&cq=0&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14272&cd=14046&ah=14272&am=14046&dq=1944&dr=1718&ds=1944&dt=1718&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=106&vt=135&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=738051595&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:48 GMT
pixel.gif
px.moatads.com/ Frame 8EA9 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=STACKADAPTDISPLAY1&ol=778704324&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HmJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-wnHdlqV6USoP6g%3D%3D&sc=1&os=1-rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=604&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.dailymail.co.uk&lp=https%3A%2F%2Fwww.dailymail.co.uk&t=1647594763486&de=796068063137&cu=1647594763486&m=5290&ar=359f21c1e97-clean&iw=c0bfd0c&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=622&le=1&lf=528&lg=1&lh=299&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=96&vx=-%3A96%3A-&pe=0%3A2472%3A3021%3A6312%3A4965&aa=1&ad=5040&cn=1224&gk=0&gl=0&ik=0&ic=0&ez=1&co=1224&cp=1194&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5034&cd=1449&ah=5034&am=1449&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=13935%3A214464%3A1790735%3A643645107&bo=156&bp=dailymail.co.uk&bd=pub-6384385731055605&gw=stackadaptdisplay515602019759&zMoatOrigSlicer1=156&zMoatOrigSlicer2=dailymail.co.uk&hv=STACKADAPTDISPLAY1-sa_content&ab=3&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jh=5&jk=14&jm=-1&mr=6&ml=214464&tc=0&fs=197273&na=716990858&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:48 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=2&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=7&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=14523&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=2092&an=2092&gi=1&gf=2092&gg=2092&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=2092&bx=2092&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=1982&cn=1982&gn=1&gk=1982&gl=1982&cp=13407&cq=0&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14272&cd=14272&ah=14272&am=14272&dq=1944&dr=1944&ds=1944&dt=1944&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=135&vt=135&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=872433955&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:48 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=3&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=8&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=14726&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=2296&an=2092&gi=1&gf=2296&gg=2092&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=2296&bx=2092&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=2186&cn=1982&gn=1&gk=2186&gl=1982&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14496&cd=14272&ah=14496&am=14272&dq=2168&dr=1944&ds=2168&dt=1944&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=135&vt=148&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=394410983&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:48 GMT
pixel.gif
px.moatads.com/ Frame 8EA9 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=STACKADAPTDISPLAY1&ol=778704324&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HmJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-wnHdlqV6USoP6g%3D%3D&sc=1&os=1-rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&h=604&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.dailymail.co.uk&lp=https%3A%2F%2Fwww.dailymail.co.uk&t=1647594763486&de=796068063137&cu=1647594763486&m=5505&ar=359f21c1e97-clean&iw=c0bfd0c&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=622&le=1&lf=528&lg=1&lh=299&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=96&vx=-%3A96%3A-&pe=0%3A2472%3A3021%3A6312%3A4965&aa=1&ad=5255&cn=5040&gk=0&gl=0&ik=0&ic=0&ez=1&co=1224&cp=1194&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5265&cd=5034&ah=5265&am=5034&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=13935%3A214464%3A1790735%3A643645107&bo=156&bp=dailymail.co.uk&bd=pub-6384385731055605&gw=stackadaptdisplay515602019759&zMoatOrigSlicer1=156&zMoatOrigSlicer2=dailymail.co.uk&hv=STACKADAPTDISPLAY1-sa_content&ab=3&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jh=5&jk=14&jm=-1&mr=6&ml=214464&tc=0&fs=197273&na=1344424663&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:49 GMT
957517
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame ABC7
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/957517
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/957517
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/957517
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:49 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.15/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:49 GMT
server
ms-counter-3.2.15/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/957517
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
m
cm.mgid.com/ Frame ABC7
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&expires=60
  • https://cm.mgid.com/m?cdsp=433145&c=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=&us_privacy=
  • https://cm.mgid.com/m?c=7c645530-439f-430f-be08-f3bda86d545b&cdsp=433145&gdpr=&gdpr_consent=&us_privacy=&sct=1
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?c=7c645530-439f-430f-be08-f3bda86d545b&cdsp=433145&gdpr=&gdpr_consent=&us_privacy=&sct=1
Protocol
H3
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6edcd94fdc4de6ac-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://cm.mgid.com/m?c=7c645530-439f-430f-be08-f3bda86d545b&cdsp=433145&gdpr=&gdpr_consent=&us_privacy=&sct=1
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6edcd94f2a9f1835-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
onetag-sys.com/usync/ Frame 1762 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4&CACHEBUSTER=957517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
a34f8b5a8cab6119fdcea0072fb1f4c60e603a553f05b75e37dae1a7f59918cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cache.betweendigital.com/

Response headers

p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1450
strict-transport-security
max-age=15552000
all
csm.us.criteo.net/ Frame 999A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=dD7rnr6B_In13vMt5mQ5nPWMgEF9m-48JHPN2QVaZ9tVEYf25E_g6-reJNpZcisNV6BohWw4hY8sZKjnT2ShFqvL3jWlo-RHu3KQmD8G3MAJT72rgOOGB2WDCJmUsr8NV3gZF4MrVBFjr7CJOwHDWgEw-cz4IQS-3eyhUpGtBbck8HAGLfqf1vLDJ92qlnETih0O2-YAd5eJGGSyrTRT8tt1zlqT-_VdMv8ifdSXYop9v1RX5qKs5KxIOpM&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0ajSDM_6CHuv059hS-ZK-PiJMigDNeoitdUDf_qsN1OmeoLAUF9Rk8D8WE7X98RROIXo9sxhVdBK_1Mf1Vq5qkmNXJQGmnPurbw1vCvwKC4c1Rb_FnIjOpbKy-h0f9H0MNd5dwoI-MLRZU5nwFbba7aIwYrvC9do7bp7UqhdKY9sd70_4w9bU0pREdqVRf4wHdMJpbh9XZ8aI0MEBrDViI29WH3hm5dbBMt36sC8lPYI-yiF-ghfqA_6Yr4vlOeJpWSuzxWcq8Y8TlBfF6XbMg1ALwKU_hXDLqQJBor8qC6exRoe12aH4T9wpdeT8MX__jBDhfu3_lsHtVHYl_DghtKi0EIX8Lqs2F59871FSPBbrv-jOs9uKKg3kpTHOdHAhwRf0hPdOXoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:49 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
a41e6234-4cfd-4600-9afd-9c92d96c3201
onetag-sys.com/sync/i,1/ Frame 1762
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
  • https://onetag-sys.com/sync/i,1/a41e6234-4cfd-4600-9afd-9c92d96c3201
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,1/a41e6234-4cfd-4600-9afd-9c92d96c3201
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 18 Mar 2022 09:12:50 GMT
Server
MT3 4256 109297d master ord-pixel-x54 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/sync/i,1/a41e6234-4cfd-4600-9afd-9c92d96c3201
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 18 Mar 2022 09:12:49 GMT
L0W7DGRS-P-64GH
onetag-sys.com/sync/i,2/ Frame 1762
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
  • https://onetag-sys.com/sync/i,2/L0W7DGRS-P-64GH
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,2/L0W7DGRS-P-64GH
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://onetag-sys.com/sync/i,2/L0W7DGRS-P-64GH
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d0cea2fb47f5ddedaddf61763f0aedb4
Expires
0
6486416200911656969
onetag-sys.com/sync/i,34/ Frame 1762
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=17vAH-a_xcNIyXvst3rkugaXT4zP7clyOy57DOHTEUQ
  • https://onetag-sys.com/sync/i,34/6486416200911656969
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,34/6486416200911656969
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:50 GMT
server
nginx
location
https://onetag-sys.com/sync/i,34/6486416200911656969
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
onetag-sys.com/match/ Frame 1762
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6359460436251910749
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6359460436251910749
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:50 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9eb833c3-ae75-4259-91b1-91f43245a925
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6359460436251910749
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1762 		42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=17vAH-a_xcNIyXvst3rkugaXT4zP7clyOy57DOHTEUQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Content-Type
image/gif
sync
pixel.advertising.com/ups/58198/ Frame 1762 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.129.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-129-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1762
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABf5xND056mOUtd6xKhz6p-NBavUoWy3wyxQ
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABf5xND056mOUtd6xKhz6p-NBavUoWy3wyxQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABf5xND056mOUtd6xKhz6p-NBavUoWy3wyxQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 1762 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 1762 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
content-length
0
/
onetag-sys.com/match/ Frame 1762
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF6OwDdlBB7EgHp_K4SyUaU&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF6OwDdlBB7EgHp_K4SyUaU&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF6OwDdlBB7EgHp_K4SyUaU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 1762
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2605685dca9121c&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGbf6_kKU1zwMf37nbAAAAAAA&expiration=1647681170&is_secure=true
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGbf6_kKU1zwMf37nbAAAAAAA&expiration=1647681170&is_secure=true
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:50 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGbf6_kKU1zwMf37nbAAAAAAA&expiration=1647681170&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 1762
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ
  • https://onetag-sys.com/match/?int_id=92&uid=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-qiYqpANE2uEhtkrzkJe0G0V6aP_n0IXCpwLb3uk-~A
date
Fri, 18 Mar 2022 09:12:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/sync/i,29/ Frame 1762
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/sync/i,29/?tdid=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttl=1650186770
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,29/?tdid=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttl=1650186770
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
cache-control
no-cache, no-transform
content-length
64
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/sync/i,29/?tdid=f67a371d-f285-4ca2-be6f-f2af79502cb4&ttl=1650186770
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
211
/
onetag-sys.com/match/ Frame 1762
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=758cadc7-c8d4-4002-9260-448ab8a6aeda&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=7c645530-439f-430f-be08-f3bda86d545b&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 18 Mar 2022 09:12:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame 1762 		68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=129&external_user_id=17vAH-a_xcNIyXvst3rkugaXT4zP7clyOy57DOHTEUQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
all
csm.us.criteo.net/ Frame 9E96 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=d9Pm9r6B_In13vMtyHbL3YLNswDk7u_5KyZPq2F5JDYZTmr2nVA8McLjIR7kdwRatr6MT3m2WfYvoSj4RR_M59n36zSW7a2unGSB21fQzidMLUnY6t_QTPV6lnqf4KImBWB81K-OO26Dx4rEJZdPria8k3wyIgFiVXie32FTsRSm2iSezLmmiTLuA-kZ-_Xa7t9C0tHzshoXxh5U8hfBVjDniNFqB_nsie0ZKUL32JJpRFt3aBPDe7xe6Z0&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0fYBJgMpfF7IKA49NO8osQm--JcV73556dNz-WBHYH9E9-Lyz6sepPRF5YjWusPFKiL0dy4U3CadyivPXoPpotycF_SUoM_75z2UHN8ggu5fY3GEjN7IgFV7AK-PQritCvLUyMWgkiuPV2_lqLWZ_FT9myDa2BJvj4U_-90XOxKCZBho47GFXitlVxHRaCnEJX6FEbay3Yt0DANMm6L4MNGEWoCZ5i6Ycxd34TFPLiMo-6Bx815129tCTFsU6s45pvobDANGf_WRGlIk-voMbExrwBnvJZFl2cW7v04V2bl4VwYbGcQM3i6eqP9FsHuNlqOi53lI5PN4jVBtI01SYuP3NNm21HE_9T2leLa_UuuSI0fEO9MI7QwSCTo0k3Bsmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:49 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sync
ch-match.taboola.com/ Frame E96D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Islington, United Kingdom, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
30a259a035d5f20ffcdf6667bf50f62e4ce99425e13df39199f366e3092305be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:50 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3802
generic
match.adsrvr.org/track/cmf/ Frame E96D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame E96D 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:4bb:825e:5e5f:d97a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
x.bidswitch.net/ Frame E96D 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 0BE3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Mar 2022 09:12:50 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date
Fri, 18 Mar 2022 09:12:50 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
cm
us-u.openx.net/w/1.0/ Frame 8F71 		43 B
76 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V770sCFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBvQHGrWbjDgMyobG26wGw81kNhusRoPJcDgcgkbtJiMOg7Kh8TarwXAzWU2Gy9VqMlztprBhLJfJoBaIXJ6v6W94i1ier-lveOuaJpcbAgnRdDp8rnu97ve7ixxOs_PtcJrtGr9d9fXLXb7PX2E5PT1ml1uyGO6Wy-Ve1zSb3YrRcO1WsS5_N9NsdvrtnrfU4fEa_qa37mm3uyxvzdFhebllfsvpdXe5xX67zy32e05vocNsc0ssf9PRZXmrXaa70PQ22wEAAADgASDJZx3iBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAACJTA2CcgyHtJqfD7jD8zU7PPwAAHhRAAAAEMEgABPC-SgAoFHJPAAAAAAAAAABY_v___2MA8pBXZQAwmtp6AB58AB6IDjiKGAEAAACAJeSrHE3qhMqiCgCAIN0K4AoAIOCPk8l3OwwAAGBgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owl5hCOlCbN64qr9AgIArP0CAgCwqRsAwJsAXNAZ1Gi0GY5WN1CrwewAAAAA7v7____1QHJjG25mq-Vo47JZlqPJyLGxGUaO4Whh8exGFs_23oNmwjf15Z_6Kojl-Zr-hreuaXIZxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmLJ5bLaVZ7DWeBzLtWi3WK2VM8tqrTEuBiuHb-JcbWZr0etjek5GJstuY8WD-bic-9qFi4IBd3sRXKQTkcNpdr4dTrNb9bmIJZqTRTqRXfbNjW24ma2Wo43LZlmOJiPHxmYYOYajhcWzG1k8-5bNY7OtPIO1xuNYrkW7xWqtnFlWa41xMVg5fBPnajNbi14f03MyMll2G39jNtqtlqPdaLhvzEa71XK0Gw33HTrDd_U5G22977ljEpmf15k1Zj4oXAaLd1q0SFuHo89oUi8mrtP4fG5NrCZxxWtQeA4e1eJvDQs7h2V1ti0rHAeDIpYIThfpRPQyni5iieRpkU5kK5PJthw5No7dauHaLWerzcYzsywsE99gZPHNLGKJ0nSRTvRyl-_zV1hOT4_Z5ZYshrvlcrnXPc1mt2I0XLtVrsvf7TSbnX675y11eLyGv-mte9rtLstbc3RYXm6Z33J63V1usd_uc4v9ntNb6DDb3BLL33R0Wd5ql-kuNL3NFvUfF3I2V84lo-VcNFklAAAAAAAAAIAlzJk3AQAAADgNYrYYDnfLBXgw0tMFBgEAAAAAANh1yfvECtYNli5u_JiBHE6z8-1wmt2qz5UBHozumDd7Joi1Wi1rAAAAAWwAAIAAbt28BZJOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Fri, 18 Mar 2022 09:12:50 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
%7B%22adCsm%22:[%7B%22vdr%22:%224017.60%22,%22tdr%22:%226070.60%22%7D],%22pixelId%22:%22r0cfp03xvf%22,%22ts%22:1647594770588,%22ver%22:%22r-1.27%22%7D
aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/ Frame 87A6 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/%7B%22adCsm%22:[%7B%22vdr%22:%224017.60%22,%22tdr%22:%226070.60%22%7D],%22pixelId%22:%22r0cfp03xvf%22,%22ts%22:1647594770588,%22ver%22:%22r-1.27%22%7D?cb=9313744
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZMDSMNRN2MS6BYC9QHZY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
all
csm.us.criteo.net/ Frame EC20 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=k23LxL6B_In13vMtF7A1Vlosp-lp548zp0WNKbY_KSO6NSBF7mnOfTyYjSUBGoqKsyerOgVJBEALxe6Q9NIu-CnnWAH6C_PtttXwvWC5JKmRhl_cO6gWmGfQpEIaoKB2AP26vY8b19Py520e4ppuqsIjKkhAJ43Ysmqo1P5jcqb80Q0CByN4IggT5mxybOwxM_ctvMaBCCm_hJoyEJvMWF14mSeFgpF1Ny_t7dQy7em8dZlCZ7bolzKgaJQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKd-bk7VvaeQ0W09c60PoMzurVlWl9c8oX4HMJeg6xp8Xt7ERtU1KtwoY2Bg1qq7o1GOsUBeykHTNVIyw2i1PrvyeQg499hfjHqcG8l2rwbX74_fPyf5DXiwUpQbT-3cpLNehyPW-F9W1u-GCc0Wkch7hWXiXMufsSsMk-9clvV6SveixIzSZl1jDOnoNRNlPfOZHsc2DlN0mLXiQcSUvVhe_azDZYSZsliMuUecG03UJPQxxhoeMAHegzpP5JyCyHKvNI-9BWiFsuRy-0BeqbxmGoAy2Ed7pKKwJ-txu4sPutZ8hyIxSbmdBNt2rVhRlcrG2etEm0pMlsVddXJ3OxDlTH4QiMVJdiCnDYQvzMCvJYMZVX7hqRtMfdBdd3JBRJWJKgWZSag-aA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:49 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
usync.js
eus.rubiconproject.com/ Frame 0BE3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=22098
content-type
text/html; charset=UTF-8
content-length
9539
expires
Fri, 18 Mar 2022 15:21:08 GMT
4583e0ec-e0f2-514d-bbae-6eb4d99a23b4
an.yandex.ru/mapuid/betweendigitalis/ Frame ABC7
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F4583e0ec-e0f2-514d-bbae-6eb4d99a23b4
  • https://an.yandex.ru/mapuid/betweendigitalis/4583e0ec-e0f2-514d-bbae-6eb4d99a23b4
  • https://an.yandex.ru/mapuid/betweendigitalis/4583e0ec-e0f2-514d-bbae-6eb4d99a23b4?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/4583e0ec-e0f2-514d-bbae-6eb4d99a23b4?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:51 GMT
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 09:12:51 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 18 Mar 2022 09:12:51 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:51 GMT
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 09:12:51 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/betweendigitalis/4583e0ec-e0f2-514d-bbae-6eb4d99a23b4?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 18 Mar 2022 09:12:51 GMT
all
csm.us.criteo.net/ Frame 6DB4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=lLmZob6B_In13vMtNQHOHiugvmZhuip7oyMF4dQi_IIjPOYYjlGte-8q1kmlVN7XZskEbuIDS7LDGWlUyH7ws-vAOhhWE-YorwUEcE-CrXT-KNMIjGGwGZhE5QJM5M8LLzvOgPMOZD2skil3GVmoZVWJKsYI7qkL_a1gx5RdJifne3R6v0u7IR9OtM0tE7NQmrsT-anOlNyw_YkN8GtOiL0os6RwYaaSVwtjeQyF-PlKJW_QbpTSLogZcxE&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C5smwIXTCNln%2F3LrfjmQLoDYjUMrUpbX6En93oabSPhY%3D%7C&c1=RO2ah0laAUxGLALnPkg9wxTyUjmpnP02UIBV6Yo-5Idem79BK2z8S64WNBuqILt5IGs-HRlqeKcGWtUBllEMCXWrKIgTyt4FEyPWuWe7PhFjvgkzl6E2mrw9RScUqWrAJcZ9iONJ3NenEeIKyi0YjAjVQDC578TpO1JTXlVF_e8W6TnZmeKMjCQzihkhMkFiUCWkQRUCGAVVm_VYapX9WDtXeth_auJhbdDvQZswkLTSigtes0plPDBh55bhF7Ak5K7JKh3uWgbgYxQw1qVbGTs_cbJkD7-8TW6P4ahNx-g-4WHmAJpv_-TSaoPEuL66iek-g5rNbVoxYcNCQgU90swJKzHunWLpPh-lhSuMaCDQhxt7_EdzCcaMwyO9EhRwIUz_71iR7nyXS-9Qg6XCYbq1j-L2Nm12hjsmThYX5DKghxstnE53HVy9t3RZQ0g5aOVrDpSbjflvP6vCI_smog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:12:50 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
/
sync.taboola.com/sg/sonobirtb-network/1/rtb-h/ Frame 9B0F
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsonobirtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUID%5D
  • https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33014

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-59
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.taboola.com/sg/sonobirtb-network/1/rtb-h/?taboola_hm=34b7d6cc-17db-48b2-b4e5-670609a4629f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
sync.taboola.com/sg/rhythmone-network/1/rtb-h/ Frame 9B0F
Redirect Chain
  • https://sync.1rx.io/usersync2/taboola?gdpr=1&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frhythmone-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4...
  • https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33014

Redirect headers

Date
Fri, 18 Mar 2022 09:12:51 GMT
Server
Tengine
ETag
RX073943707cd44c12a40bb3d6434dcf48005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Connection
keep-alive
Content-Type
text/html
/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 9B0F
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=t&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsmaatortb-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1---
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33728

Redirect headers

date
Fri, 18 Mar 2022 09:12:51 GMT
via
1.1 3aa2aa1b7b816f70e94675c9a63f98d0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
vakzpIiqyUOG1PghCstBcJQC8UhdGkCWFA0-bLJG0BGabAkrq1jMFg==
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 9B0F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola&us_privacy=1---
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-...
0
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&isDirect=0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1647594771.206269,VS0,VE22
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-ewr18169-EWR

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&isDirect=0
date
Fri, 18 Mar 2022 09:12:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33728
1491
rtd-tm.everesttech.net/upi/pid/ Frame 9B0F 		85 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtd-tm.everesttech.net/upi/pid/1491?gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadobe-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BTM_USER_ID%7D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
16a8e97a93ce245b4e254f9a3365a9de33fdb0f0789f12b3e54f12186d64931c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1647594771.049719,VS0,VE14
x-served-by
cache-ewr18122-EWR
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
/
sync.taboola.com/sg/rhythmone-network/1/rtb-h/ Frame 9278
Redirect Chain
  • https://sync.1rx.io/usersync2/taboola?gdpr=1&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frhythmone-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4...
  • https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30290

Redirect headers

Date
Fri, 18 Mar 2022 09:12:51 GMT
Server
Tengine
ETag
RX073943707cd44c12a40bb3d6434dcf48005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Connection
keep-alive
Content-Type
text/html
/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 9278
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=t&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsmaatortb-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1---
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33728

Redirect headers

date
Fri, 18 Mar 2022 09:12:51 GMT
via
1.1 3aa2aa1b7b816f70e94675c9a63f98d0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Uz8CvPtoN5oN6bAe81hTZnktrB5xt6_EppF7rvdg2HSX65OdKn-nYQ==
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 9278
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola&us_privacy=1---
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-...
0
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&isDirect=0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1647594771.206189,VS0,VE3
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-ewr18169-EWR

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&isDirect=0
date
Fri, 18 Mar 2022 09:12:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33728
1491
rtd-tm.everesttech.net/upi/pid/ Frame 9278 		85 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtd-tm.everesttech.net/upi/pid/1491?gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadobe-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BTM_USER_ID%7D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
16a8e97a93ce245b4e254f9a3365a9de33fdb0f0789f12b3e54f12186d64931c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1647594771.049652,VS0,VE7
x-served-by
cache-ewr18122-EWR
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8BB5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=32851
expires
Fri, 18 Mar 2022 18:20:22 GMT
date
Fri, 18 Mar 2022 09:12:51 GMT
vary
Accept-Encoding
img
pix.us.criteo.net/img/ Frame 45A5 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11589&q=80&r=0&u=http%3A%2F%2Fimages1.lifeisgood.com%2FWomens-How-to-Train-Your-Human-Short-Sleeve-Crusher-Tee_91349_1_lg.png&v=3&w=400&s=WpItEm5vAZlWaDa8ZEp9Lz6q&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4a02cd5cf702c8ea523a628ccec6b30f8e3af81535086738dc5b13178b95483a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
80504
expires
Fri, 18 Mar 2022 09:12:51 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:51 GMT
img
pix.us.criteo.net/img/ Frame 999A 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:51 GMT
img
pix.us.criteo.net/img/ Frame 8724 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:51 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:51 GMT
/
sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/ Frame CD0E 		0
98 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=1&taboola_hm=B93E2E12-AA9E-4220-8310-B08598FC53B9&orig=video&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 18 Mar 2022 09:12:51 GMT
x-fastly-to-nlb-rtt
29956
access-control-allow-credentials
true
img
pix.us.criteo.net/img/ Frame 9E96 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:51 GMT
img
pix.us.criteo.net/img/ Frame 42DB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.118234%2Fw.900%2Fh.900%2Fhalcyon%2Bdays%2Bdogs%2Bmug.jpg&v=3&w=400&s=TmmE256mjmcP3F7RTRDbDuNF&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30296
expires
Fri, 18 Mar 2022 09:12:51 GMT
img
pix.us.criteo.net/img/ Frame C95D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:51 GMT
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Faax-us-east.amazon-adsystem.com%2Fe%2Fdtb%2Fadmi%3Fb%3DImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ%26rnd%3D2288976735991647594755471%26pp%3D1y4n2f4%26p%3D1m4mmm8%26crid%3D3658_15736_0ngdwb3k&i=MAILONLINE2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=18&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&f=0&j=&t=1647594748255&de=506118602268&rx=305135542903&cu=1647594748255&m=23556&ar=16e2d13da31-clean&iw=f4fab01&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=18&lb=62021&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=86&vx=86%3A-%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=15187&an=10056&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1488&kw=934&aj=1&pg=86&pf=86&ib=1&cc=1&bw=15187&bx=10056&ci=1488&jz=934&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15011&cd=9878&ah=15011&am=9878&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=45677948%3A479101508%3A248283068%3A133674874148&cm=0&bo=423397628&bp=22026445361&bd=mpu_left&zMoatPS=mpu_left&gw=mailonlineprebidheader526476985912&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=22026445361&dfp=0%2C1&la=22026445361&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=mpu_left&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&jm=-1&tz=mpu_left&iq=na&tt=na&tc=0&fs=197504&na=1172277033&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:51 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=9&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=17629&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=5199&an=2296&gi=1&gf=5199&gg=2296&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=5199&bx=2296&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=5089&cn=2186&gn=1&gk=5089&gl=2186&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=17603&cd=14496&ah=17603&am=14496&dq=5275&dr=2168&ds=5275&dt=2168&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=148&vt=337&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ek=1&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1682205573&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:51 GMT
img
pix.us.criteo.net/img/ Frame EC20 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:51 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D7509,0,0,0,0%26mtos%3D7509,7509,7509,7509,7509%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity/ Frame 8635 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D7509,0,0,0,0%26mtos%3D7509,7509,7509,7509,7509%26amtos%3D0,0,0,0,0%26mcvt%3D7509%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7509%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1451%26pst%3D558%26dur%3D15018%26vmtime%3D7526%26dtos%3D3602%26dtoss%3D3%26dvs%3D3602%26dfvs%3D3602%26dvpt%3D3602%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3602,3602,3602,3602,3602%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D38%26emuc%3D0%26emb%3D37,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D14715%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,7509;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594762453;ecn1=0;etm1=0;eid1=210003;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=18;
ade.googlesyndication.com/ddm/activity/ Frame 3CC1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pct50
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/pct50?cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&env=site&auth=ae3e20fed1a8f63f8dfe8934adb8e1ea&date=1647594752948&vinst=t&rt=HTML5&didtype=UNK&did=&PG=F&seller_id=9929&price=55FC6852F576BD07&mpKey=btXxJqnWClDtkAjBpZEd&conn=unknown&pvId=1&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&psId=3ULOuOEPIKm4jjXMIVZG&sessId=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&s=H4sIAAAAAAAAAAEgAd_-8xDX4lg6mFfNGypliqGgllOhauKdSCEGZUmCKQPpEiKxZKT0vtC78wCiamt1X9oCWDmO9451bBJj1rGisnBITjVCEn6_uajH4nmgTsNTUeAEWgza2RuDJIjYm4acnZ6KynLtuW1IZ014nddWQTNfIF4HUpRAhymeLPzO84rJkGVfuKvCMNavP7KqJmQIdSFFQtUcKBJsKPpeBM3qVMpc0C5YROMGa9lRlBtxaXSvsO9IuTcLLzQWxBLNHaTgN8Um2esuRr_vSk7TBLZTO210KIGjTcmbiwCfRG4nheUT_xBcKkdfteArA_YstECu77jrD0QDJ416g92OxVJPi4uFDouuuwn7zpRWlVntDsvGyE0KaUYdiXb0ZqO_0Uw0KcMbmcXdgyABAAA&vol=0&dur=15&apv=J20201012&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rurl=https%3A%2F%2Fwww.dailymail.co.uk&pw=445&ph=250&w=445&h=250&wd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
via
1.1 varnish
x-pt
P=164
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18122-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:51 GMT
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706965&noaop=3&sortOrderType=0&cb=1647594771975&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1377&pt=2025665367&tz=0&viewable=true&ddast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1182335&dpubid=161887&abtst=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
01d2f79f76c162b708feee3892b283cb057745d1f02c6ae63e3987ec3869f392

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:52 GMT
content-encoding
gzip
server
nginx
machineid
1162
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
img
pix.us.criteo.net/img/ Frame AB97 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.86214%2Fw.900%2Fh.900%2Fprimrose%2Bon%2Bcream%2Btapestry%2Bpillow.jpg&v=3&w=400&s=AHY7IQcHRYIeixfO7mZNzeyF&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30886
expires
Fri, 18 Mar 2022 09:12:52 GMT
sync
t.adx.opera.com/ Frame ABC7 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=4583e0ec-e0f2-514d-bbae-6eb4d99a23b4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:52 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 0B82 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B08FT_0w0Yv3TN7yYoPwP5eGF4A79yMzwRQAAABABIJS1rUM4AVib49uogwRgye6Oi8CkjBCyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAYQBaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS0yMTg3OTk5L1dpbGwtMTQ4bS1FdXJvTWlsbGlvbnMtamFja3BvdC13aW5uZXItc2hhcmUtZm9ydHVuZS1sb25nLWxvc3QtaGFsZi1icm90aGVyLW1ldC5odG1smALoB8ACAuACAOoCNC80MjQzOTc1MDgvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AvLRHpAD4AOYA-ADqAMB4AQB0gUGENLR580UkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=N4Z-C3xY4EA&label=videoplaytime50&ad_mt=7527&acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D7260,0,0,0,0%26mtos%3D7260,7260,7260,7260,7260%26amtos%3D0,0,0,0,0%26mcvt%3D7260%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7260%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D7260%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dtos%3D3562%26dtoss%3D3%26dvs%3D3562%26dfvs%3D3562%26dvpt%3D3562%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3562,3562,3562,3562,3562%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2268%26femvt%3D0%26emc%3D55%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D825722249%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D24171%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7260&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594753953&sdkv=h.3.505.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MzE4ODc4MjYyDDEzODMyOTY0OTU2M0CWBQpBCAISIHByZWJpZC1zZXJ2ZXIucnViaWNvbnByb2plY3QuY29tGg5SdWJpY29uUHJvamVjdCADKgc0MjY1NjQyQDsKkQEIARIWYXNmLXRtLmV2ZXJlc3R0ZWNoLm5ldBoIUGxheVRpbWUgAiopclo4NHVWaUlMb0g5aHZPR0ZYa00udVBLVlc1amZENnJNR045TW5OWFEyFHVQS1ZXNWpmRDZyTUdOOU1uTlhRQJ4BUiUI9AMQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25IljpQAGABGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=2&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=10&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=17869&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=5434&an=5199&gi=1&gf=5434&gg=5199&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=5434&bx=5199&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=5324&cn=5089&gn=1&gk=5324&gl=5089&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=17838&cd=17603&ah=17838&am=17603&dq=5510&dr=5275&ds=5510&dt=5275&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=337&vt=352&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ek=1&fh=5434&fi=5434&fj=0&ef=1&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1163608450&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:52 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:52 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=11&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=17871&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=5434&an=5434&gi=1&gf=5434&gg=5434&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=5434&bx=5434&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=5324&cn=5324&gn=1&gk=5324&gl=5324&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=17838&cd=17838&ah=17838&am=17838&dq=5510&dr=5510&ds=5510&dt=5510&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=352&vt=352&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ek=1&fh=5434&fi=5434&fj=5434&ef=1&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1718247813&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:52 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:52 GMT
trypop
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/trypop?wklz=IYYwLglgbskPYDsC8EGklCYCeAyYAJgPoCuCWAzkgCwBMApLQMIBs1jTArAIy4VwkATiACmSQhVwhgAWwAOwCAHNyBJNwDMtatwAcvYEpEIwSAFaSZcAmIAMuAO4iARhSwiIa6tU4bcmN0g1bjYAdk4ATmpwkIjbFlt7G0xRTyQtNgjfTk5aKI0NPVDaXAUjTBEHNN4KEQBHEmNU4N4QABsIYzBIGREKMFk5dTDI6OLuCJYpDq7gOWgRQTdEJAGlP2SIUSQCPjgAMzAiNNoWAE0AKQQAeQBVW9CABQpBEgALWwiZQQcQAGsABIAUXkAEFBLg3sBBMQTucrgAVACKGiRUKUz16TFCAA1dFA5AQAHIiJHAIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:52 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
unip
trc-events.taboola.com/1125455/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1125455/log/3/unip?en=pre_d_eng_tb&tos=24193&scd=6&ssd=1&est=1647594748165&ver=35&isls=true&src=i&invt=12000&rv=1&tim=1647594772359&vi=1647594748161&ri=0d6da89cdbde260a68eee94a7d7d4cf1&ui=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&ref=null&cv=20220313-3-RELEASE&item-url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1125455/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
sync.taboola.com/sg/rhythmone-network/1/rtb-h/ Frame FA9C
Redirect Chain
  • https://sync.1rx.io/usersync2/taboola?gdpr=1&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frhythmone-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRX-07394370-7cd4...
  • https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33201

Redirect headers

Date
Fri, 18 Mar 2022 09:12:52 GMT
Server
Tengine
ETag
RX073943707cd44c12a40bb3d6434dcf48005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&us_privacy=1---
Connection
keep-alive
Content-Type
text/html
/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame FA9C
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=t&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsmaatortb-network%2F1%2Frtb-h%2F%3Forig%3Dvideo%26taboola_hm%3D%24UID%26us_privacy%3D1---
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34041

Redirect headers

date
Fri, 18 Mar 2022 09:12:52 GMT
via
1.1 3aa2aa1b7b816f70e94675c9a63f98d0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?orig=video&taboola_hm=77c60781&us_privacy=1---
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
rao_RNpTrTAqD50ewtgQd50LXYyQAyuvzfP4kBPK8A7flMjGSQetxg==
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame FA9C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola&us_privacy=1---
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-...
0
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&isDirect=0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:52 GMT
via
1.1 varnish
server
nginx
x-timer
S1647594773.569823,VS0,VE22
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-ewr18169-EWR

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&tbid=62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&query=taboola_hm%3D65ed1fbd-31f1-4fb7-8b90-717cee4b5c64&isDirect=0
date
Fri, 18 Mar 2022 09:12:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34041
1491
rtd-tm.everesttech.net/upi/pid/ Frame FA9C 		85 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtd-tm.everesttech.net/upi/pid/1491?gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadobe-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BTM_USER_ID%7D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
16a8e97a93ce245b4e254f9a3365a9de33fdb0f0789f12b3e54f12186d64931c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:52 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1647594772.469921,VS0,VE8
x-served-by
cache-ewr18122-EWR
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
rtb-h
sync-t1.taboola.com/sg/spotx-global-network/1/ Frame FA9C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=71451&redir=https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=$SPOTX_USER_ID
  • https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32484

Redirect headers

Date
Fri, 18 Mar 2022 09:12:52 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
375
Connection
keep-alive
Content-Length
0
gtm.js
www.googletagmanager.com/ Frame FA9C 		77 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d35d129105b18a67acd3b2a760b3349503a7558222d65b468eb45e30f5e8379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31383
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:12:52 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-earrings%2F936180.jpg%3Fsw%3D350&v=3&w=400&s=3u6RQYHQWnXnsgOr08tJgSRs&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
40fe4c7f0bd58cf2596a85ad50e76695d76df8cf9a722e6f7154fb3bfb1557c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147703
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9000
expires
Thu, 31 Mar 2022 16:01:15 GMT
partner
sync.search.spotxchange.com/ Frame FA9C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=pub_71451&sync_limit=5
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESECzb1bTJJZ_oJC7uccWff9E&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=f67a371d-f285-4ca2-be6f-f2af79502cb4&img=1
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=8304&uid=AAGn007EaJoAAAyap1piaQ&gdpr=0
  • https://sync.springserve.com/usersync?redirect_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8876%26uid%3DSS_UUID
  • https://sync.search.spotxchange.com/partner?adv_id=8876&uid=da9b1850-b2df-46ec-8b1d-3c969b4d682a
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=44&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7308&uid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:53 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
25
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:52 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.search.spotxchange.com/partner?adv_id=7308&uid=b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:53 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=9889&fi=0&apd=10114&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=page10&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=15&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:53 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=9889&fi=0&apd=10114&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=page10&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=16&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:53 GMT
pixel.gif
px.moatads.com/ Frame 8EA9 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcreative.stackadapt.com%2Ficons%2Fadchoices%2Fadchoices.png&i=STACKADAPTDISPLAY1&ol=778704324&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HmJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-wnHdlqV6USoP6g%3D%3D&sc=1&os=1-rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=9&h=604&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.dailymail.co.uk%2F&lp=https%3A%2F%2Fwww.dailymail.co.uk&t=1647594763486&de=796068063137&cu=1647594763486&m=10378&ar=359f21c1e97-clean&iw=c0bfd0c&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=622&le=1&lf=528&lg=1&lh=299&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=96&vx=-%3A96%3A-&pe=0%3A2472%3A3021%3A6312%3A4965&aa=1&ad=10129&cn=5255&gk=0&gl=0&ik=0&ic=0&ez=1&co=1224&cp=1194&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10114&cd=5265&ah=10114&am=5265&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=13935%3A214464%3A1790735%3A643645107&bo=156&bp=dailymail.co.uk&bd=pub-6384385731055605&gw=stackadaptdisplay515602019759&zMoatOrigSlicer1=156&zMoatOrigSlicer2=dailymail.co.uk&hv=STACKADAPTDISPLAY1-sa_content&ab=3&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jh=5&jk=16&jm=-1&mr=6&ml=214464&tc=0&fs=197273&na=303702045&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:53 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=4&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=12&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=20052&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=7622&an=5434&gi=1&gf=7622&gg=5434&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=7622&bx=5434&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=7512&cn=5324&gn=1&gk=7512&gl=5324&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=19816&cd=17838&ah=19816&am=17838&dq=7488&dr=5510&ds=7488&dt=5510&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=352&vt=406&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ek=1&fh=5434&fi=7622&fj=5434&ef=1&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=901789572&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:54 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:54 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=13&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=20055&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=7622&an=7622&gi=1&gf=7622&gg=7622&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=7622&bx=7622&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=7512&cn=7512&gn=1&gk=7512&gl=7512&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=20026&cd=19816&ah=20026&am=19816&dq=7698&dr=7488&ds=7698&dt=7488&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=406&vt=406&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ek=1&fh=5434&fi=7622&fj=7622&ef=1&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=84458413&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:54 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:54 GMT
%7B%22adCsm%22:[%7B%22vdr%22:%228014.10%22,%22tdr%22:%2214084.70%22%7D],%22pixelId%22:%22r0cfp03xvf%22,%22ts%22:1647594774515,%22ver%22:%22r-1.27%22%7D
aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/ Frame 87A6 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/%7B%22adCsm%22:[%7B%22vdr%22:%228014.10%22,%22tdr%22:%2214084.70%22%7D],%22pixelId%22:%22r0cfp03xvf%22,%22ts%22:1647594774515,%22ver%22:%22r-1.27%22%7D?cb=8385991
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C5S2SBTJ4CBA4JC98RCP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:54 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:54 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&lo=8&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6384385731055605%26output%3Dhtml%26h%3D600%26slotname%3D8308011259%26adk%3D643645107%26adf%3D2562983592%26pi%3Dt.ma~as.8308011259%26w%3D160%26url%3Dhttps%253A%252F%252Fwww.dailymail.co.uk%252Fnews%252Farticle-2187999%252FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%26ea%3D0%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.%26dt%3D1647594757840%26bpp%3D16%26bdt%3D1041%26idt%3D1008%26shv%3Dr20220316%26mjsv%3Dm202203140101%26ptt%3D5%26saldr%3Dsa%26cookie%3DID%253D097f060fc0340404%253AT%253D1647594749%253AS%253DALNI_MaIXPXWa1_jm12MhDxfaEUJ-FMqZw%26correlator%3D7778057433221%26frm%3D23%26ife%3D4%26pv%3D2%26ga_vid%3D1144404248.1647594748%26ga_sid%3D1647594759%26ga_hid%3D1344351996%26ga_fc%3D1%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1292%26ady%3D43%26biw%3D1600%26bih%3D1200%26isw%3D160%26ish%3D600%26ifk%3D3389053537%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C42531397%252C44750774%252C31065469%252C31065545%252C31065636%252C44760495%26oid%3D2%26pvsid%3D1344519207341694%26pem%3D370%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C160%252C600%26vis%3D1%26rsz%3Do%257Co%257CeE%257C%26abl%3DNS%26pfx%3D0%26fu%3D1028%26bc%3D31%26ifi%3D1%26uci%3D1.5e43nj27lz9t%26fsb%3D1%26dtd%3D1029&i=MAILONLINE2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&f=0&j=&t=1647594748255&de=859835375343&rx=305135542903&cu=1647594748255&m=26700&ar=16e2d13da31-clean&iw=f4fab01&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=62021&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=97&vx=97%3A-%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=15043&an=10207&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1380&kw=1295&aj=1&pg=97&pf=97&ib=0&cc=1&bw=15043&bx=10207&ci=1380&jz=1295&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15457&cd=10574&ah=15457&am=10574&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5064879769%3A2907386859%3A5802149408%3A138365786354&cm=0&bo=423397628&bp=21693274104&bd=sky_right_top&zMoatPS=sky_right_top&gw=mailonlineprebidheader526476985912&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=21693274104&dfp=0%2C1&la=21693274104&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=sky-right&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&hv=friendly%20iframe&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&jm=-1&tz=sky-right&iq=na&tt=na&tc=0&fs=197504&na=1855046205&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:54 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:54 GMT
dc_oe=ChMIj5Tj5KjP9gIVKAloCB1NDwLUEAAYACCc4oNQ;met=1;&timestamp=1647594774999;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DDFB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj5Tj5KjP9gIVKAloCB1NDwLUEAAYACCc4oNQ;met=1;&timestamp=1647594774999;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D11429,0,0,0,0%26mtos%3D11429,11429,11429,11429,11429%26amto...
ade.googlesyndication.com/ddm/activity/ Frame 8635 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D11429,0,0,0,0%26mtos%3D11429,11429,11429,11429,11429%26amtos%3D0,0,0,0,0%26mcvt%3D11429%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11429%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2333%26pst%3D558%26dur%3D15018%26vmtime%3D11428%26dtos%3D3920%26dtoss%3D4%26dvs%3D3920%26dfvs%3D3920%26dvpt%3D3920%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3920,3920,3920,3920,3920%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D56%26emuc%3D0%26emb%3D55,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147479553%26psv%3D-2147479553%26psfv%3D-2147479553%26psa%3D0%26ptlt%3D18636%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,11429;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594762453;ecn1=0;etm1=0;eid1=210004;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=960585;
ade.googlesyndication.com/ddm/activity/ Frame 3CC1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=960585;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pct75
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/pct75?cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&env=site&auth=ae3e20fed1a8f63f8dfe8934adb8e1ea&date=1647594752948&vinst=t&rt=HTML5&didtype=UNK&did=&PG=F&seller_id=9929&price=55FC6852F576BD07&mpKey=btXxJqnWClDtkAjBpZEd&conn=unknown&pvId=1&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&psId=3ULOuOEPIKm4jjXMIVZG&sessId=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&s=H4sIAAAAAAAAAAEgAd_-8xDX4lg6mFfNGypliqGgllOhauKdSCEGZUmCKQPpEiKxZKT0vtC78wCiamt1X9oCWDmO9451bBJj1rGisnBITjVCEn6_uajH4nmgTsNTUeAEWgza2RuDJIjYm4acnZ6KynLtuW1IZ014nddWQTNfIF4HUpRAhymeLPzO84rJkGVfuKvCMNavP7KqJmQIdSFFQtUcKBJsKPpeBM3qVMpc0C5YROMGa9lRlBtxaXSvsO9IuTcLLzQWxBLNHaTgN8Um2esuRr_vSk7TBLZTO210KIGjTcmbiwCfRG4nheUT_xBcKkdfteArA_YstECu77jrD0QDJ416g92OxVJPi4uFDouuuwn7zpRWlVntDsvGyE0KaUYdiXb0ZqO_0Uw0KcMbmcXdgyABAAA&vol=0&dur=15&apv=J20201012&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rurl=https%3A%2F%2Fwww.dailymail.co.uk&pw=445&ph=250&w=445&h=250&wd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:55 GMT
via
1.1 varnish
x-pt
P=396
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18122-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:55 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 0B82 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B08FT_0w0Yv3TN7yYoPwP5eGF4A79yMzwRQAAABABIJS1rUM4AVib49uogwRgye6Oi8CkjBCyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAYQBaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS0yMTg3OTk5L1dpbGwtMTQ4bS1FdXJvTWlsbGlvbnMtamFja3BvdC13aW5uZXItc2hhcmUtZm9ydHVuZS1sb25nLWxvc3QtaGFsZi1icm90aGVyLW1ldC5odG1smALoB8ACAuACAOoCNC80MjQzOTc1MDgvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AvLRHpAD4AOYA-ADqAMB4AQB0gUGENLR580UkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=N4Z-C3xY4EA&label=videoplaytime75&ad_mt=11428&acvw=sv%3D922%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26tos%3D11109,0,0,0,0%26mtos%3D11109,11109,11109,11109,11109%26amtos%3D0,0,0,0,0%26mcvt%3D11109%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11109%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11109%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dtos%3D3849%26dtoss%3D4%26dvs%3D3849%26dfvs%3D3849%26dvpt%3D3849%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3849,3849,3849,3849,3849%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2268%26femvt%3D0%26emc%3D73%26emuc%3D0%26emb%3D72,0,0,0,0%26avms%3Dexc%26qi%3D825722249%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D28020%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11109&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594753953&sdkv=h.3.505.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MzE4ODc4MjYyDDEzODMyOTY0OTU2M0CWBQpBCAISIHByZWJpZC1zZXJ2ZXIucnViaWNvbnByb2plY3QuY29tGg5SdWJpY29uUHJvamVjdCADKgc0MjY1NjQyQDsKkQEIARIWYXNmLXRtLmV2ZXJlc3R0ZWNoLm5ldBoIUGxheVRpbWUgAiopclo4NHVWaUlMb0g5aHZPR0ZYa00udVBLVlc1amZENnJNR045TW5OWFEyFHVQS1ZXNWpmRDZyTUdOOU1uTlhRQJ4BUiUI9AMQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25IljpQAGABGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=3&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=14&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=21700&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=9149&an=7622&gi=1&gf=9149&gg=7622&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=9149&bx=7622&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=9039&cn=7512&gn=1&gk=9039&gl=7512&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=21553&cd=20026&ah=21553&am=20026&dq=9225&dr=7698&ds=9225&dt=7698&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=406&vt=406&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ek=1&fh=5434&fi=9149&fj=7622&ef=1&eg=1&eh=1&ei=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=276598722&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:55 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:55 GMT
rtb-h
sync-t1.taboola.com/sg/spotx-global-network/1/ Frame E3C1
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=71451&redir=https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=$SPOTX_USER_ID
  • https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31489

Redirect headers

Date
Fri, 18 Mar 2022 09:12:56 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
186
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/ Frame E3C1
Redirect Chain
  • https://csync.loopme.me/?gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Floopme-rtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7Bdevice_id%7D%26orig%3Dvideo%26us_privacy%3D1---
  • https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=23011afd-98f5-4519-956e-5366f9787085&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=23011afd-98f5-4519-956e-5366f9787085&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30985

Redirect headers

location
https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=23011afd-98f5-4519-956e-5366f9787085&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
date
Fri, 18 Mar 2022 09:12:56 GMT
server
_
content-length
0
rtb-h
sync.taboola.com/sg/bidtellectrtb-network/1/ Frame E3C1
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?gdpr=1&us_privacy=1---&source=14b8c562-d12b-418b-b680-ad517d5839ec
  • https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30985

Redirect headers

X-ServerName
Track001-iad
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:50 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
sync
pixel.advertising.com/ups/55973/ Frame E3C1 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/55973/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.129.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-129-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
pixel.advertising.com/ups/58233/ Frame E3C1 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58233/sync?gdpr=1&redir=true&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.129.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-129-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gtm.js
www.googletagmanager.com/ Frame E3C1 		77 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d35d129105b18a67acd3b2a760b3349503a7558222d65b468eb45e30f5e8379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31383
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:12:56 GMT
rtb-h
sync-t1.taboola.com/sg/spotx-global-network/1/ Frame 05FB
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=71451&redir=https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=$SPOTX_USER_ID
  • https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30985

Redirect headers

Date
Fri, 18 Mar 2022 09:12:56 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-global-network/1/rtb-h?taboola_hm=898167d1-a69b-11ec-a277-16f784d60003
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
380
Connection
keep-alive
Content-Length
0
rtb-h
sync.taboola.com/sg/bidtellectrtb-network/1/ Frame 05FB
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?gdpr=1&us_privacy=1---&source=14b8c562-d12b-418b-b680-ad517d5839ec
  • https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31100

Redirect headers

X-ServerName
Track004-iad
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:50 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
sync
pixel.advertising.com/ups/55973/ Frame 05FB 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/55973/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.129.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-129-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
pixel.advertising.com/ups/58233/ Frame 05FB 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58233/sync?gdpr=1&redir=true&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.129.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-129-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/ Frame 05FB
Redirect Chain
  • https://csync.loopme.me/?gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Floopme-rtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7Bdevice_id%7D%26orig%3Dvideo%26us_privacy%3D1---
  • https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=10772902-1686-41a9-9554-59b2977ff940&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=10772902-1686-41a9-9554-59b2977ff940&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31100

Redirect headers

location
https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=10772902-1686-41a9-9554-59b2977ff940&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
date
Fri, 18 Mar 2022 09:12:56 GMT
server
_
content-length
0
gtm.js
www.googletagmanager.com/ Frame 05FB 		77 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de27c046680b743ebbc92cfb4e8432e7a26fe2828458abdad50d6f4074529353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31385
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:12:56 GMT
partner
sync.search.spotxchange.com/ Frame E3C1 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=pub_71451&sync_limit=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:56 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
303
Connection
keep-alive
Content-Length
43
partner
sync.search.spotxchange.com/ Frame 05FB 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=pub_71451&sync_limit=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:12:56 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
392
Connection
keep-alive
Content-Length
43
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:56 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706965&noaop=3&sortOrderType=0&cb=1647594777047&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=6&pv=1377&pt=2025665367&tz=0&viewable=true&ddast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1182335&dpubid=161887&abtst=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
01d2f79f76c162b708feee3892b283cb057745d1f02c6ae63e3987ec3869f392

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:57 GMT
content-encoding
gzip
server
nginx
machineid
1109
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/ Frame 0098
Redirect Chain
  • https://csync.loopme.me/?gdpr=1&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Floopme-rtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7Bdevice_id%7D%26orig%3Dvideo%26us_privacy%3D1---
  • https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=9947282a-9962-4996-b93f-5460e5cb290d&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=9947282a-9962-4996-b93f-5460e5cb290d&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34243

Redirect headers

location
https://sync.taboola.com/sg/loopme-rtb-network/1/rtb-h/?taboola_hm=9947282a-9962-4996-b93f-5460e5cb290d&orig=video&us_privacy=1---&us_privacy=1---&gdpr=1
date
Fri, 18 Mar 2022 09:12:57 GMT
server
_
content-length
0
rtb-h
sync.taboola.com/sg/bidtellectrtb-network/1/ Frame 0098
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?gdpr=1&us_privacy=1---&source=14b8c562-d12b-418b-b680-ad517d5839ec
  • https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36251

Redirect headers

X-ServerName
Track004-iad
Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:51 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://sync.taboola.com/sg/bidtellectrtb-network/1/rtb-h?taboola_hm=f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
sync
pixel.advertising.com/ups/55973/ Frame 0098 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/55973/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.129.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-129-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
pixel.advertising.com/ups/58233/ Frame 0098 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58233/sync?gdpr=1&redir=true&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.129.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-129-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame 0098
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo...
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36251

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:57 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=3&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=15&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=23541&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=11111&an=9149&gi=1&gf=11111&gg=9149&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=11111&bx=9149&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=11001&cn=9039&gn=1&gk=11001&gl=9039&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=23515&cd=21553&ah=23515&am=21553&dq=11187&dr=9225&ds=11187&dt=9225&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=406&vt=406&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ek=1&fh=5434&fi=11111&fj=9149&ef=1&eg=1&eh=1&ei=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=423814412&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:57 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:57 GMT
img
pix.us.criteo.net/img/ Frame 45A5 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11589&q=80&r=0&u=http%3A%2F%2Fimages1.lifeisgood.com%2FWomens-Here-Comes-The-Sun-Evergreens-Crusher-LITE-Vee_71862_1_lg.png&v=3&w=400&s=VhF_uhtn5nXPG5ONd9j6vfzE&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a479bfd5d75d479b2009eb8f7930e1201ea9751106be5754697709009b6688e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
63984
expires
Fri, 18 Mar 2022 09:12:58 GMT
img
pix.us.criteo.net/img/ Frame 45C3 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206469
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
img
pix.us.criteo.net/img/ Frame 999A 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.52961%2Fw.900%2Fh.900%2Fpiedmont%2Bglobe.jpg&v=3&w=400&s=_STy3fdzdmMQOLQF1Da6toSm&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7181e1efc36f70e4c24bbf537a3bcb3474b419b8967c58c3e062cd02d15b402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=115978
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15476
expires
Sat, 19 Mar 2022 17:25:56 GMT
img
pix.us.criteo.net/img/ Frame 8724 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206469
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
img
pix.us.criteo.net/img/ Frame F5EF 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206469
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
img
pix.us.criteo.net/img/ Frame 9E96 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.52961%2Fw.900%2Fh.900%2Fpiedmont%2Bglobe.jpg&v=3&w=400&s=_STy3fdzdmMQOLQF1Da6toSm&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7181e1efc36f70e4c24bbf537a3bcb3474b419b8967c58c3e062cd02d15b402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=115978
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15476
expires
Sat, 19 Mar 2022 17:25:56 GMT
perf
ch-trc-events.taboola.com/dailymail-us/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/dailymail-us/log/3/perf?route=US%3ACH%3AV&lti=explore-more-header-ab-test_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220310-19_b3-PR-42705-DEV-100827-fix-header-rendering-on-em-6805dba9e61-SNAPSHOT.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Islington, United Kingdom, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:12:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
img
pix.us.criteo.net/img/ Frame 42DB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.52961%2Fw.900%2Fh.900%2Fpiedmont%2Bglobe.jpg&v=3&w=400&s=_STy3fdzdmMQOLQF1Da6toSm&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7181e1efc36f70e4c24bbf537a3bcb3474b419b8967c58c3e062cd02d15b402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=115978
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15476
expires
Sat, 19 Mar 2022 17:25:56 GMT
img
pix.us.criteo.net/img/ Frame C95D 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206469
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=14884&fi=0&apd=15109&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=page15&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=17&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:58 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame 8EA9 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1194&tet=14884&fi=0&apd=15109&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=dailymail.co.uk&L1id=13935&L2id=214464&L3id=1790735&L4id=643645107&S1id=156&S2id=dailymail.co.uk&ord=1647594763486&r=796068063137&t=page15&os=1&fi2=0&div1=1&ait=0&zMoatIMP=1&zMoatAuction=1-5231-164759475895511090205804-1&bedc=1&q=18&BSD=safe&BSC=gs_shopping_misc,gs_travel,moat_safe,gs_family_children,gs_family,gs_home_property,gs_entertain,gs_entertain_gambling&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:58 GMT
pixel.gif
px.moatads.com/ Frame 8EA9 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=STACKADAPTDISPLAY1&ol=778704324&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HmJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-wnHdlqV6USoP6g%3D%3D&sc=1&os=1-rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=10&h=604&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.dailymail.co.uk&lp=https%3A%2F%2Fwww.dailymail.co.uk&t=1647594763486&de=796068063137&cu=1647594763486&m=15358&ar=359f21c1e97-clean&iw=c0bfd0c&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=622&le=1&lf=528&lg=1&lh=299&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=96&vx=-%3A96%3A-&pe=0%3A2472%3A3021%3A6312%3A4965&aa=1&ad=15108&cn=10129&gk=0&gl=0&ik=0&ic=0&ez=1&co=1224&cp=1194&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15109&cd=10114&ah=15109&am=10114&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=13935%3A214464%3A1790735%3A643645107&bo=156&bp=dailymail.co.uk&bd=pub-6384385731055605&gw=stackadaptdisplay515602019759&zMoatOrigSlicer1=156&zMoatOrigSlicer2=dailymail.co.uk&hv=STACKADAPTDISPLAY1-sa_content&ab=3&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&jh=5&jk=18&jm=-1&mr=6&ml=214464&tc=0&fs=197273&na=1669625151&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:58 GMT
img
pix.us.criteo.net/img/ Frame EC20 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.59049%2Fw.900%2Fh.900%2Fa%2Bwinter%2Blandscape%2Boil%2Bpainting.jpg&v=3&w=400&s=adq8cL64lwSKYASc7hNZJkXk&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=206468
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23842
expires
Sun, 20 Mar 2022 18:34:07 GMT
img
pix.us.criteo.net/img/ Frame AB97 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27948&q=80&r=0&u=https%3A%2F%2Fwww.scullyandscully.com%2Fproductimages%2Fimage.axd%2Ff.84778%2Fw.900%2Fh.900%2Fitalian%2Bleather%2Band%2Bstainless%2Bsteel%2Blamp.jpg&v=3&w=400&s=Te5FhJ9mrCc_1bOTnSAksJup&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
10cc8e454acb381275dadc2c3a985ff93db8e8e4522dcacbee15f0c10a10b3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=221737
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2528
expires
Sun, 20 Mar 2022 22:48:36 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26p0%3D945,1150,1195,1595%26p1%3D945,1150,1195,1595%26p2%3D945,1150...
ade.googlesyndication.com/ddm/activity/ Frame 8635 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;av=1;acvw=sv%3D922%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26p0%3D945,1150,1195,1595%26p1%3D945,1150,1195,1595%26p2%3D945,1150,1195,1595%26p3%3D945,1150,1195,1595%26tos%3D15068,0,0,0,0%26mtos%3D15068,15068,15068,15068,15068%26amtos%3D0,0,0,0,0%26mtos1%3D3907,0,0%26mtos2%3D3602,0,0%26mtos3%3D3920,0,0%26mcvt%3D15068%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15068%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2964%26pst%3D558%26dur%3D15018%26vmtime%3D15018%26dtos%3D3639%26dtoss%3D5%26dvs%3D3639%26dfvs%3D3639%26dvpt%3D3639%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3639,3639,3639,3639,3639%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D4982%26femvt%3D0%26emc%3D72%26emuc%3D0%26emb%3D71,0,0,0,0%26avms%3Dexc%26qi%3D590023473%26psm%3D-2147418113%26psv%3D-2147418113%26psfv%3D-2147418113%26psa%3D0%26ptlt%3D22274%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,15068%26ss0%3D0.05%26ss1%3D0.05%26ss2%3D0.05%26ss3%3D0.05;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594762453;ecn1=0;etm1=0;eid1=210005;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=13;
ade.googlesyndication.com/ddm/activity/ Frame 3CC1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItKiF4ajP9gIV6L2zCh1tdAitEAAYACD315dK;met=1;ecn1=1;etm1=0;eid1=13;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pct100
statsf-tm.everesttech.net/stats/1/ Frame 3CC1 		85 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/pct100?cpKey=rZ84uViILoH9hvOGFXkM&adKey=uPKVW5jfD6rMGN9MnNXQ&env=site&auth=ae3e20fed1a8f63f8dfe8934adb8e1ea&date=1647594752948&vinst=t&rt=HTML5&didtype=UNK&did=&PG=F&seller_id=9929&price=55FC6852F576BD07&mpKey=btXxJqnWClDtkAjBpZEd&conn=unknown&pvId=1&bi=B09hutsdZR20Fu6IXbnAqVd5gR6NCnEkc4TKJB5J2Y3kzNg2u9CYWs2ltD6j8Z6EF2pRMATvgCkqlm99aQeT4QJXjcixuVt_xLzkiFS-q7bva6Qrl0BuKjUm0vebo3KAKG9EWDcQG_kVHzPQ9GmrrpZjW2qpjr0U7TyDSAOSORJKukmMQlYrXkWEoQ7RiULLTyqSEBqle6GQeAF7peFNF0Su-HxVDcubA2xgfiqd2DpEmYrDrYzlZzSFnkrcTS943c8&psId=3ULOuOEPIKm4jjXMIVZG&sessId=253e6929850fcb43f736bb21ed8cc5e61753a6d7.1&s=H4sIAAAAAAAAAAEgAd_-8xDX4lg6mFfNGypliqGgllOhauKdSCEGZUmCKQPpEiKxZKT0vtC78wCiamt1X9oCWDmO9451bBJj1rGisnBITjVCEn6_uajH4nmgTsNTUeAEWgza2RuDJIjYm4acnZ6KynLtuW1IZ014nddWQTNfIF4HUpRAhymeLPzO84rJkGVfuKvCMNavP7KqJmQIdSFFQtUcKBJsKPpeBM3qVMpc0C5YROMGa9lRlBtxaXSvsO9IuTcLLzQWxBLNHaTgN8Um2esuRr_vSk7TBLZTO210KIGjTcmbiwCfRG4nheUT_xBcKkdfteArA_YstECu77jrD0QDJ416g92OxVJPi4uFDouuuwn7zpRWlVntDsvGyE0KaUYdiXb0ZqO_0Uw0KcMbmcXdgyABAAA&vol=0&dur=15&apv=J20201012&burl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&rurl=https%3A%2F%2Fwww.dailymail.co.uk&pw=445&ph=250&w=445&h=250&wd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:59 GMT
via
1.1 varnish
x-pt
P=225
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
US-East
content-length
85
x-served-by
cache-ewr18122-EWR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:12:59 GMT
dbbbddc5-ed24-4925-900b-75939d078d97
beacon-nf.rubiconproject.com/beacon/v/ Frame 0B82 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-nf.rubiconproject.com/beacon/v/dbbbddc5-ed24-4925-900b-75939d078d97?oo=0&accountId=9929&siteId=205750&zoneId=1013472&sizeId=201&e=EF05D8E5B84FFBB0BE5EAC9651EFBC36F00ECFE19D07D40A910A01E75440D69BB205623AD47BC399D1EEC24F4ABB47105FADD9A8F435E08553FC1C95409D6255F4BD377A9FD7526D5A30B35AC5B7070BD75712A0AFA9C93434759A895087D91D294716194227A23B8FB3B56B4A60E7DD442798FF08BED6CD054F9E2264F67DE504849D224A7549B2F077C4CDFF7CAA3DDC4660C120087B9EAECCC9EF795D74AE41A2022CD3D41ADC6B8AB94857D777FC9399BB807CAE9DCB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.67 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:12:59 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 0B82 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B08FT_0w0Yv3TN7yYoPwP5eGF4A79yMzwRQAAABABIJS1rUM4AVib49uogwRgye6Oi8CkjBCyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAYQBaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS0yMTg3OTk5L1dpbGwtMTQ4bS1FdXJvTWlsbGlvbnMtamFja3BvdC13aW5uZXItc2hhcmUtZm9ydHVuZS1sb25nLWxvc3QtaGFsZi1icm90aGVyLW1ldC5odG1smALoB8ACAuACAOoCNC80MjQzOTc1MDgvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AvLRHpAD4AOYA-ADqAMB4AQB0gUGENLR580UkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGB3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=N4Z-C3xY4EA&label=videoplaytime100&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D945,1150,1195,1595%26p0%3D945,1150,1195,1595%26p1%3D945,1150,1195,1595%26p2%3D945,1150,1195,1595%26p3%3D945,1150,1195,1595%26tos%3D14737,0,0,0,0%26mtos%3D14737,14737,14737,14737,14737%26amtos%3D0,0,0,0,0%26mtos1%3D3698,0,0%26mtos2%3D3562,0,0%26mtos3%3D3849,0,0%26mcvt%3D14737%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14737%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D14737%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dtos%3D3628%26dtoss%3D5%26dvs%3D3628%26dfvs%3D3628%26dvpt%3D3628%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3628,3628,3628,3628,3628%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2268%26femvt%3D0%26emc%3D90%26emuc%3D0%26emb%3D89,0,0,0,0%26avms%3Dexc%26qi%3D825722249%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D31647%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,14737%26ss0%3D0.05%26ss1%3D0.05%26ss2%3D0.05%26ss3%3D0.05&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1647594753953&sdkv=h.3.505.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MzE4ODc4MjYyDDEzODMyOTY0OTU2M0CWBQpBCAISIHByZWJpZC1zZXJ2ZXIucnViaWNvbnByb2plY3QuY29tGg5SdWJpY29uUHJvamVjdCADKgc0MjY1NjQyQDsKkQEIARIWYXNmLXRtLmV2ZXJlc3R0ZWNoLm5ldBoIUGxheVRpbWUgAiopclo4NHVWaUlMb0g5aHZPR0ZYa00udVBLVlc1amZENnJNR045TW5OWFEyFHVQS1ZXNWpmRDZyTUdOOU1uTlhRQJ4BUiUI9AMQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25IljpQAGABGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=4&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=16&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=25324&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=12814&an=11111&gi=1&gf=12814&gg=11111&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=12814&bx=11111&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=12704&cn=11001&gn=1&gk=12704&gl=11001&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=25218&cd=23515&ah=25218&am=23515&dq=12890&dr=11187&ds=12890&dt=11187&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=406&vt=406&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=25685&ek=1&fh=5434&fi=12814&fj=11111&ef=1&eg=1&eh=1&ei=1&ej=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=754397261&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:59 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=21&q=0&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=18&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=25326&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=12814&an=12814&gi=1&gf=12814&gg=12814&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=12814&bx=12814&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=12704&cn=12704&gn=1&gk=12704&gl=12704&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=25218&cd=25218&ah=25218&am=25218&dq=12890&dr=12890&ds=12890&dt=12890&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=406&vt=406&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ea=1&eb=1&ec=25685&ek=1&fh=5434&fi=12814&fj=12814&ef=1&eg=1&eh=1&ei=1&ej=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1021829967&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:59 GMT
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:59 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=28&q=0&hp=1&wf=1&ra=2&pxm=4&vz=-&zp=4&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINEJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=17&h=250&w=445&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1150&gp=945&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&cm=3&f=0&j=&t=1647594754246&de=369927196513&cu=1647594754246&m=25325&ar=359f21c1e97-clean&iw=2cedb00&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=62021&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=1&ag=12814&an=12814&gi=1&gf=12814&gg=12814&ez=1&ck=2092&kw=13187&aj=0&pg=100&pf=100&ib=1&ka=1&kb=1&cc=1&bw=12814&bx=12814&ci=2092&jz=13187&dj=0&undefined=1&aa=1&ad=12704&cn=12704&gn=1&gk=12704&gl=12704&co=2186&cp=13407&cq=0&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=25218&cd=25218&ah=25218&am=25218&dq=12890&dr=12890&ds=12890&dt=12890&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=406&vt=406&vd=0&zMoatSRE=0.057942708333333336&zMoatVSD=6.264&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ea=1&eb=1&ec=25685&ek=1&fh=5434&fi=12814&fj=12814&ef=1&eg=1&eh=1&ei=1&ej=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5531887826%3A138329649563&dfp=0%2C1&la=5531887826&zMoatPL=dailymail.co.uk&zMoatPL2=dailymail.co.uk&bo=dailymail.co.uk&bd=dailymail.co.uk&gw=mailonlinejsvideo243552997523&zMoatOrigSlicer1=%25esid!&zMoatOrigSlicer2=%25esid!&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=375253224&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 18 Mar 2022 09:12:59 GMT
csi
csi.gstatic.com/ Frame 8635 		0
0
csi
csi.gstatic.com/ Frame 2831 		0
0
480x270_MP4_4612158401457702697.mp4
video.dailymail.co.uk/video/mol/2022/03/16/4612158401457702697/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://video.dailymail.co.uk/video/mol/2022/03/16/4612158401457702697/480x270_MP4_4612158401457702697.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
57df1c0cc40257706450047affaeb25139c1e953665d744f9f757e047b7fa2e4

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Mar 2022 09:12:59 GMT
last-modified
Wed, 16 Mar 2022 03:40:32 GMT
server
AkamaiNetStorage
etag
"05e8eaf6e8d7b7bd40d502fce0e1e1c8:1647402032.13946"
content-type
video/mp4
Content-Range
bytes 0-1180210/1180211
cache-control
max-age=3600
accept-ranges
bytes
Content-Length
1180211
expires
Fri, 18 Mar 2022 10:12:59 GMT
img
pix.us.criteo.net/img/ Frame 6DB4 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68585&q=80&r=0&u=https%3A%2F%2Fwww.ross-simons.com%2Fdw%2Fimage%2Fv2%2FBCFL_PRD%2Fon%2Fdemandware.static%2F-%2FSites-lbh-master%2Fdefault%2Fdw20220323%2Fimages%2Fjewelry-semi-precious-rings%2F943596.jpg%3Fsw%3D350&v=3&w=400&s=JGnQm1wlWEA0W-N3eifaO82_&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b595a92bc911ff548e03fe3738ff3b729ea5190c78ac391fc35c38fabdfaccfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:12:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1147692
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15238
expires
Thu, 31 Mar 2022 16:01:12 GMT
video_info
context.iris.tv/ 		351 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=W491AUI45FTTFWD&platform_id=8621222613861186969
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-99.ewr53.r.cloudfront.net
Software
Zer01ne /
Resource Hash
1d94aa400990768ed9893f3f807951227c21d25057cc34037e1a64182a1eadfe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:49:03 GMT
via
1.1 48242c037992a87d34be1f3c114efc0a.cloudfront.net (CloudFront)
server
Zer01ne
age
1436
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop
EWR53-C3
x-robots-tag
noindex, follow
x-amz-cf-id
8YKwsgqVVDUZwBGDCFVaODtJDoBy0SPRPgXbAGoN1s65ngxgjDxMOA==
bid
c.amazon-adsystem.com/e/dtb/ 		522 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pid=QlaghxHOEzOIz&cb=4&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22id%22%3A%22jw_video_desktop%22%2C%22mt%22%3A%22v%22%2C%22kv%22%3A%7B%22irisid%22%3A%22iris_19a884cfc64f0360%22%2C%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LxDeaLjRYpFx7BFME178yxHly9hr98JUqmweb9kz7rkLcmO85pTXgtVjTHeTGT-vC3NwPh1jKg0tFzprUxzCpQt0bJG7yZQSnwTsZsokZ-ALdX8F8qXGW5ZJ_uskzD5JC3Y2jKrfxyS1V9650vnq-gt3Y9wA9LUSM1ckinN4E20LeL2RpadB1F4y14K7DJjOC3luL7yAGDiBccsUrLoWbQt6UZALdJ4PCJEzeICwQLsLe3IqGGxVm25Lt_2J4rooC3yXmwHHAgEgfF4oKDigaAt9uROZgTVUVdnNWE0VBi0LfgDi5L45cNOnhhHy62LhC3_xN4pjgQQaHHtBDgoO0guAOy4YC_aP1EIeT6D36BYLgfJ9pvTxffVUFQdTsDOGC4J63Jj_8dpkzzcWwc9NVwuDDZwaLuiHCNw8zT3UiiELhLtnJZDCzIVL2LY-a2TOC4XHjrGyJvqDSV5p5CvctAuGrB3aMnMCp79iEqKuGDsLh5XEG0haRmO-h8LvB1j6C4huSiLGmNPQJ9M82A46hguJdEaTXk0WV13rrmNLHCsLitYzzYCtS4Wtu8Uctbb7C4uLpXoVyQYpWU0trBhz3wuMHh0Pg-LwNGHXHuF7wSkLjZhIOr_gMN8e-Un9sgl8C47Zq4LPj6gfzN71nppl8g%22%2C%22pubcommon%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
a5f5fa494a1d4ddf6d13b653ebd2dc3f6f8227af11ebc7f36a94c3d40ad8c6fe
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:00 GMT
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
NCZJT6DSQ0QHVZ405W53
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
522
x-amz-cf-id
anFEcA1Cq6dXXDhY3s0M84IflSunnl42Dk870lBzmiQ2BhfA068B5Q==
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		232 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8c9a1cc1b49618b268f6d7429e54f3870f295caa6168071fd1e92e439346f803

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:13:00 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.203.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
232
Expires
0
avjp
mailonline-us-d.openx.net/v/1.0/ 		106 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-us-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=54738035-f2f7-40e9-8fd2-cedec1308834&nocache=1647594779941&us_privacy=1---&id5id=ID5*hMWD_RMEPwTaOUzZuIuhXrowlk3AIp_BAblD-nLmsywLct4hvu72hJfA14cwXlG9C3Ok-6U6567S5OHbteYbfgt0ap6XToV-u1ar87tDEUoLdSr5m4yq_sbeB42gaDkIC3aDEBSCW23Du6sacFBPvwt3cuRmTedjHa7kHmXVFWkLeBHs9H_mKISzY42TJHeRC3kuC5fsQlpfzlh6GMoq2wt65P5HLp5Td4VOkM9ckmMLe2F7lzF-SJLOxAOV-eJEC3xv2tPUI4yDmG_r6xIpeQt9zGL3NwPWlHTnGf9Y990Lfvcs2X6llh_NpUAfUERlC39y3JAiP7DcORRZRqerYwuAuBtJ1mQ3OzFi_9F35U0LgezLZhU28cRx98xLGW7NC4INeH3qyM-dWn5dcmfEWguDpvUphu88xST3enCW7V4LhPYXWF39JjwCpsltuekYC4XjnCpaCAFYXdyttF_E9QuG-3b4Lbe9dPeC0N_SF_ILh37ZWFE0QN0gzz64PgY_C4hB6cU8msrW4CPyoGxNYwuJuPWhkiDJe3e8_AfPLsELisWd7nxevAnyxdthdlMMC4s1buQVgDyezRe7dyuwtQuMuHF0GF4yP0mQKVBNv7sLjecFS7ScKZZl1CSghEQdC44bc4uMnffXJy7y5L0HKQ&pubcid=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f&ttduuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A401%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22linearity%22%3A1%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%7D%7D%5D%7D&auid=540642937&vwd=401&vht=225&aucs=424397508%252Cdm.chromelessvideo%252Cdm_dmnews_news%252Cmidroll
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
via
1.1 google
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&tmax=1500&us_privacy=1---
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-235-110.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
226453
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/226453?src_sys=prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.35.249.123 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
X-SpotX-Timing-Transform
0.000386
X-SpotX-Timing-SpotMarket
0.005827
X-SpotX-Timing-Page-Mux
0.000944
X-SpotX-Timing-Page-Require
0.000341
X-fe
393
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
X-SpotX-Timing-Page
0.015618
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000278
Last-Modified
Fri, 18 Mar 2022 09:13:00 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005827
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-SpotX-Timing-Page-Misc
0.007802
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
959b6810d8c92f3583e29f965c347b6cca12cd5f51bb73c91b177bd7833dfdbe

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:59 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=48519808631
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:59 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
85bb68203051bca1f7848854ab150aee43ee7235d637b180ade5a2cca4eec3ae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:13:00 GMT
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5c50da38-e4a7-467e-8d96-0daae52fd24d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		504 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=294681&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22279137dc823e51cf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22sharedid%22%2C%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f67a371d-f285-4ca2-be6f-f2af79502cb4%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222806083daab4e0bb%22%2C%22ext%22%3A%7B%22siteID%22%3A294681%2C%22sid%22%3A%22401x225%22%7D%2C%22video%22%3A%7B%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22playerSize%22%3A%5B%5B401%2C225%5D%5D%2C%22linearity%22%3A1%2C%22placement%22%3A1%2C%22w%22%3A401%2C%22h%22%3A225%7D%7D%5D%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd2275583de01af5e855ac8fc38b794b69d940306606945b66d4e76158716000

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.42], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
31
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
358
x-ak-client-geo
31
expires
Fri, 18 Mar 2022 09:13:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=MailOnline
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.0.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-0-170.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9ff8187f890ed05538d0a48a76bbe156459421e33a95bb34c748a9ffead2c5f8

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:13:00 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
mvo
tag.1rx.io/rmp/231256/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/231256/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		952 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-153.compute-1.amazonaws.com
Software
/
Resource Hash
7309c36490b4e1f7b52a9ee156e0825ba0a254bc9178585f88c87ba5bc01195b

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
540
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-153.compute-1.amazonaws.com
Software
/
Resource Hash
2fe7cd9e77771d06dc70039bb00394369cfef63293f1db7cf6459ab3b27a9603

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:12:59 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
tag
m7hdh-2damu.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-eqad5&playerWidth=401&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=54738035-f2f7-40e9-8fd2-cedec1308834&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:13:00 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
bid
c.amazon-adsystem.com/e/dtb/ 		522 B
997 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&pid=QlaghxHOEzOIz&cb=5&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22id%22%3A%22jw_video_desktop%22%2C%22mt%22%3A%22v%22%2C%22kv%22%3A%7B%22irisid%22%3A%22iris_72872f020e282a54%22%2C%22pubcid.org%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LxDeaLjRYpFx7BFME178yxHly9hr98JUqmweb9kz7rkLcmO85pTXgtVjTHeTGT-vC3NwPh1jKg0tFzprUxzCpQt0bJG7yZQSnwTsZsokZ-ALdX8F8qXGW5ZJ_uskzD5JC3Y2jKrfxyS1V9650vnq-gt3Y9wA9LUSM1ckinN4E20LeL2RpadB1F4y14K7DJjOC3luL7yAGDiBccsUrLoWbQt6UZALdJ4PCJEzeICwQLsLe3IqGGxVm25Lt_2J4rooC3yXmwHHAgEgfF4oKDigaAt9uROZgTVUVdnNWE0VBi0LfgDi5L45cNOnhhHy62LhC3_xN4pjgQQaHHtBDgoO0guAOy4YC_aP1EIeT6D36BYLgfJ9pvTxffVUFQdTsDOGC4J63Jj_8dpkzzcWwc9NVwuDDZwaLuiHCNw8zT3UiiELhLtnJZDCzIVL2LY-a2TOC4XHjrGyJvqDSV5p5CvctAuGrB3aMnMCp79iEqKuGDsLh5XEG0haRmO-h8LvB1j6C4huSiLGmNPQJ9M82A46hguJdEaTXk0WV13rrmNLHCsLitYzzYCtS4Wtu8Uctbb7C4uLpXoVyQYpWU0trBhz3wuMHh0Pg-LwNGHXHuF7wSkLjZhIOr_gMN8e-Un9sgl8C47Zq4LPj6gfzN71nppl8g%22%2C%22pubcommon%22%3A%22ebe45e15-7ea9-4da7-9c84-d40d0030ab4f%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
9b1696e5dbfca211ad061358236b4fba880491cfe8b86c9a48101d65b53674a0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:00 GMT
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
RP0YGDZH967Z63AXYNRE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
522
x-amz-cf-id
LOQ0X13OyNGGHZqBEJ8dYDG5AzFJLG5XJMXjHFP1z0BUT26FpU6s2Q==
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		231 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
096b99f82acc78e9b9bf7067067456063f6033830fc235afa4ed5fe69a4c19b1

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:13:00 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.203.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
231
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b3e0f7fb97d18760d7c327b5bdb964c169f95c8117c0b459115749f4dad965a6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.42; 96.9.249.42; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a8eac2ab-a5c7-410d-8b15-42ce177af3fd
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		926 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
ed071f657223f6bd460832d9c24d2c407ba5f321f44bb208d9cd77baeefe67e3

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
auction
prebid-server.rubiconproject.com/openrtb2/ 		951 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-153.compute-1.amazonaws.com
Software
/
Resource Hash
946b2ca270f676dc0d367fe332307411fcf85e6f292f5e7552a8a255231b6f69

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
541
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-153.compute-1.amazonaws.com
Software
/
Resource Hash
a995ffdc66f72cd33df4b4f502de4d00b9d698076b0dbb4cc1bbe7c2dba819dc

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
226453
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/226453?src_sys=prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.35.249.123 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
X-SpotX-Timing-Transform
0.001010
X-SpotX-Timing-SpotMarket
0.005692
X-SpotX-Timing-Page-Mux
0.001056
X-SpotX-Timing-Page-Require
0.000329
X-fe
310
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.015907
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000314
Last-Modified
Fri, 18 Mar 2022 09:13:00 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005692
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-SpotX-Timing-Page-Misc
0.007468
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag
m7hdh-2damu.ads.tremorhub.com/ad/ 		55 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-eqad5&playerWidth=401&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=f20b7e29-0112-4018-9542-59a844357fcb&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a7bb57c0515f4f76633cf5f3ee87d43c5f6660377bbc9b4734cdba5dc804618a

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=15069845372
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:12:59 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&tmax=1500&us_privacy=1---
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-235-110.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		503 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=294681&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22312df29046b4e31%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22sharedid%22%2C%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f67a371d-f285-4ca2-be6f-f2af79502cb4%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2231334b2fc1967545%22%2C%22ext%22%3A%7B%22siteID%22%3A294681%2C%22sid%22%3A%22401x225%22%7D%2C%22video%22%3A%7B%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22playerSize%22%3A%5B%5B401%2C225%5D%5D%2C%22linearity%22%3A1%2C%22placement%22%3A1%2C%22w%22%3A401%2C%22h%22%3A225%7D%7D%5D%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c3e5be625e310fc3f13a1431c30c2392224e36026629ad71345e24b3a0b692f4

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.42], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
31
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
354
x-ak-client-geo
31
expires
Fri, 18 Mar 2022 09:13:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=MailOnline
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.0.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-0-170.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
mvo
tag.1rx.io/rmp/231256/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/231256/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
avjp
mailonline-us-d.openx.net/v/1.0/ 		106 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-us-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f20b7e29-0112-4018-9542-59a844357fcb&nocache=1647594779988&us_privacy=1---&id5id=ID5*hMWD_RMEPwTaOUzZuIuhXrowlk3AIp_BAblD-nLmsywLct4hvu72hJfA14cwXlG9C3Ok-6U6567S5OHbteYbfgt0ap6XToV-u1ar87tDEUoLdSr5m4yq_sbeB42gaDkIC3aDEBSCW23Du6sacFBPvwt3cuRmTedjHa7kHmXVFWkLeBHs9H_mKISzY42TJHeRC3kuC5fsQlpfzlh6GMoq2wt65P5HLp5Td4VOkM9ckmMLe2F7lzF-SJLOxAOV-eJEC3xv2tPUI4yDmG_r6xIpeQt9zGL3NwPWlHTnGf9Y990Lfvcs2X6llh_NpUAfUERlC39y3JAiP7DcORRZRqerYwuAuBtJ1mQ3OzFi_9F35U0LgezLZhU28cRx98xLGW7NC4INeH3qyM-dWn5dcmfEWguDpvUphu88xST3enCW7V4LhPYXWF39JjwCpsltuekYC4XjnCpaCAFYXdyttF_E9QuG-3b4Lbe9dPeC0N_SF_ILh37ZWFE0QN0gzz64PgY_C4hB6cU8msrW4CPyoGxNYwuJuPWhkiDJe3e8_AfPLsELisWd7nxevAnyxdthdlMMC4s1buQVgDyezRe7dyuwtQuMuHF0GF4yP0mQKVBNv7sLjecFS7ScKZZl1CSghEQdC44bc4uMnffXJy7y5L0HKQ&pubcid=ebe45e15-7ea9-4da7-9c84-d40d0030ab4f&ttduuid=f67a371d-f285-4ca2-be6f-f2af79502cb4&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A401%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22linearity%22%3A1%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%7D%7D%5D%7D&auid=540642937&vwd=401&vht=225&aucs=424397508%252Cdm.chromelessvideo%252Cdm_dmnews_news%252Cpreroll
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
via
1.1 google
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
05dd8c14b616f46906af1a9757e72d41e1fc80df6704ea11299e6931f4ce59dd

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:12:59 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
cache
prebid.adnxs.com/pbc/v1/ 		63 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2c3ca18410190fcca378850df00243a36a6883a90a4526c7a434c350d0ce5ea8

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cache
prebid.adnxs.com/pbc/v1/ 		63 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e38595b8488b4678043c6554212ce03ee23b9ed44233c81b42e63c04b1c789e5

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cache
prebid.adnxs.com/pbc/v1/ 		63 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6eeffd3f39150bce43da9ef40dd24f34a9594a609d9a074330b37c16daa624c6

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cache
prebid.adnxs.com/pbc/v1/ 		63 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d0b7f0890afccd31a5cb155d93bd008927cb1073c75181a8453084905424d30c

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cache
prebid.adnxs.com/pbc/v1/ 		63 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cb6c14dcdb7f1dc197de65a84c401f15ff281618619897c682a4d7f6f869bef6

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
v_plg8hs
www.dailymail.co.uk/abe/a9/price/ 		4 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/v_plg8hs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a97491cd3cfa6d9c0d32b3a1964131f90ca1a9105d748da9a298cd0f7a987a4f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
MgOcI1MecyGWn8urcKwWKivFhl_mNKYu
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:57:13 GMT
server
AmazonS3
x-amz-request-id
24D952E4803B719F
etag
"5948d76c6cafa1cd6031cff12b0701db"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=402175
date
Fri, 18 Mar 2022 09:13:00 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
xHBCPEbtiGQ6rzdNFsv0tUT75DUCXEeBKKR93TZn96spSh57S+d50mdgv2fbcLn7+/IhKDhltvk=
v_plg8hs
www.dailymail.co.uk/abe/a9/price/ 		4 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/abe/a9/price/v_plg8hs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:587::16c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a97491cd3cfa6d9c0d32b3a1964131f90ca1a9105d748da9a298cd0f7a987a4f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/news/article-2187999/Will-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
MgOcI1MecyGWn8urcKwWKivFhl_mNKYu
content-security-policy-report-only
block-all-mixed-content; report-uri https://dmgm.report-uri.com/r/t/csp/reportOnly
last-modified
Thu, 26 Jul 2018 09:57:13 GMT
server
AmazonS3
x-amz-request-id
24D952E4803B719F
etag
"5948d76c6cafa1cd6031cff12b0701db"
vary
User-Agent
content-type
text/plain
cache-control
public, max-age=402175
date
Fri, 18 Mar 2022 09:13:00 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4
x-amz-id-2
xHBCPEbtiGQ6rzdNFsv0tUT75DUCXEeBKKR93TZn96spSh57S+d50mdgv2fbcLn7+/IhKDhltvk=
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:00 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:00 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
/
sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/ Frame E770
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560007&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fpulsepointrtbpmp-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26%26taboola_hm%3D%25%25VGUID...
  • https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&&taboola_hm=0b9r5uPyhAf7&orig=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&&taboola_hm=0b9r5uPyhAf7&orig=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32652

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&&taboola_hm=0b9r5uPyhAf7&orig=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame E770
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo...
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33397

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
9.gif
id5-sync.com/s/464/ Frame E770 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/464/9.gif?puid=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&gdpr=1&&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.234 , France, ASN16276 (OVH, FR),
Reverse DNS
p36.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
rmpssp
sync.1rx.io/usersync2/ Frame E770 		0
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=taboolapmphttps%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtbhv-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BBUYER_ID%7D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:13:01 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
rmpssp
sync.1rx.io/usersync2/ Frame B830 		0
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=taboolapmphttp%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtbhv-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BBUYER_ID%7D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:13:01 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
/
sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/ Frame B830
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560007&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fpulsepointrtbpmp-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola...
  • https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0b9r5uPyhAf7&origin=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0b9r5uPyhAf7&origin=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32652

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=0b9r5uPyhAf7&origin=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
9.gif
id5-sync.com/s/464/ Frame B830 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/464/9.gif?puid=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&gdpr=1&&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.234 , France, ASN16276 (OVH, FR),
Reverse DNS
p36.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:13:00 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame B830
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo...
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32652

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=no-consent&orig=video&us_privacy=1---
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
crta.dailymail.co.uk/ 		8 B
450 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.93/mol-adverts-delayed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:a80::16c2 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.11 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:01 GMT
server
http-to-kafka/0.8.11
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Fri, 18 Mar 2022 09:13:01 GMT
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706965&noaop=3&sortOrderType=0&cb=1647594782077&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=7&pv=1377&pt=2025665367&tz=0&viewable=true&ddast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1182335&dpubid=161887&abtst=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
db562b42033799aecccf9126d53cde6c505ae5b37af131128d009896b64cfddf

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:13:02 GMT
content-encoding
gzip
server
nginx
machineid
1156
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://reflex.imds-cdn.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
vast.xml
reflex.imds-cdn.com/vpaid/ 		689 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reflex.imds-cdn.com/vpaid/vast.xml?publisher=82376&placement=89226&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/791F) /
Resource Hash
76722bc26c486fb89b80dc3ddfa418089ba725602539f37f56e9f249d7cbce05

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:13:02 GMT
content-encoding
gzip
age
2606
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
429
access-control-allow-origin
https://www.dailymail.co.uk
last-modified
Wed, 09 Mar 2022 00:40:24 GMT
server
ECAcc (nya/791F)
etag
"ab8-5d9be57d2ce00"
vary
Accept-Encoding
x-varnish
807443691
via
1.1 varnish
cache-control
public, max-age=3600, immutable
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/xml
expires
Fri, 18 Mar 2022 10:13:02 GMT
vpaid.1.0.6.js
reflex.imds-cdn.com/vpaid/ Frame 560C 		306 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.7.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.100 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C1E) /
Resource Hash
c9caf66159cb30ccddae214c368c7c0333ac63a039c7b847d9a02a61681c8ce9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:02 GMT
content-encoding
gzip
age
831735
x-cache
HIT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length
93702
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 21:58:28 GMT
server
ECAcc (nya/1C1E)
etag
"4c659-5d3af1aec8900"
vary
Accept-Encoding
x-varnish
779368589 730995497
via
1.1 varnish
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Mar 2023 12:25:58 GMT
sellers.json
contango-cdn.technoratimedia.com/ Frame 560C 		15 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contango-cdn.technoratimedia.com/sellers.json
Requested by
Host: reflex.imds-cdn.com
URL: https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.184 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7917) / Express
Resource Hash
7b23dbd7d848d904ffec436842890ab06b0226c4da091daf75c0b7b7cfd859c0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:02 GMT
content-encoding
gzip
etag
W/"3c3c-JHeNXt9ufMljUgibfL6klgmmfHo"
last-modified
Fri, 18 Mar 2022 09:04:35 GMT
server
ECAcc (nya/7917)
age
507
x-powered-by
Express
vary
Accept-Encoding
x-cache
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
content-length
3268
expires
Sat, 19 Mar 2022 09:13:02 GMT
/
sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/ Frame 5C3D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560007&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fpulsepointrtbpmp-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola...
  • https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=QYi3g69PjTQs&origin=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=QYi3g69PjTQs&origin=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29606

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtbpmp-network/1/rtb-h/?gdpr=1&us_privacy=1---&taboola_hm=QYi3g69PjTQs&origin=video&ev=1&us_privacy=1---&pid=560007&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-5jd56
expires
-1
rmpssp
sync.1rx.io/usersync2/ Frame 5C3D 		0
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=taboolapmphttp%3A%2F%2Ftrc.taboola.com%2Fsg%2Funrulyrtbhv-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BBUYER_ID%7D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:13:02 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
9.gif
id5-sync.com/s/464/ Frame 5C3D 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/464/9.gif?puid=efcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c&gdpr=1&&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.234 , France, ASN16276 (OVH, FR),
Reverse DNS
p36.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:13:01 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
1553
vid.springserve.com/rt/ Frame 560C 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/rt/1553?w=420&h=236&cb=5519041540568597&ap=1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&crossdomain=0&testbucket=83&ud=0&bt=0&sec=1&nc=0&domain=www.dailymail.co.uk&sid=82376%2F89226&adunit=82376%2F89226&client=82376&payid=e108f11b2cdf7d5b&is_inview=1&inview=1&avs=1&vp=100&vw=1&sizebucket=medium&mute=1&schain=1.0%2C0!synacor.com%2C82376%2C1&usp=1---&us_privacy=1---
Requested by
Host: reflex.imds-cdn.com
URL: https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.40.59 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-40-59.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
70c882870734e26157598340014b40c4512196ce41be9456a3b6cf85349473d6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:13:02 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
vpaid_ff3047b1.js
vpaid.springserve.com/production/ Frame 8BED 		500 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ff3047b1.js
Requested by
Host: reflex.imds-cdn.com
URL: https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2c00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0acad70975b7ea0cc7142d625b0ae4e13ade8da2df16afb9fa9cbe235b10e651

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 01:16:56 GMT
content-encoding
br
last-modified
Tue, 08 Mar 2022 18:04:32 GMT
server
AmazonS3
age
460567
etag
W/"7695da56b8b4259e1de1d0ac7f64eb72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
50WVugtY_4AMdVGPNWwV5MDT9jEEo741VAbGcfAL2C0zs1HBcqy6-A==
%7B%22adCsm%22:[%7B%22vdr%22:%2216053.80%22,%22tdr%22:%2230138.50%22%7D],%22pixelId%22:%22r0cfp03xvf%22,%22ts%22:1647594782555,%22ver%22:%22r-1.27%22%7D
aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/ Frame 87A6 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ/%7B%22adCsm%22:[%7B%22vdr%22:%2216053.80%22,%22tdr%22:%2230138.50%22%7D],%22pixelId%22:%22r0cfp03xvf%22,%22ts%22:1647594782555,%22ver%22:%22r-1.27%22%7D?cb=7290079
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=ImKbEMJMV5JJ01ozvH9nNnAAAAF_nEzBSAEAAAv5ARz66zQ&rnd=2288976735991647594755471&pp=1y4n2f4&p=1m4mmm8&crid=3658_15736_0ngdwb3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:13:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XPV6HE3Q5F0R5AF07AH9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:02 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
springserve
uat-net.technoratimedia.com/openrtb/bids/ Frame 8BED 		0
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-net.technoratimedia.com/openrtb/bids/springserve
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ff3047b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Mar 2022 09:13:02 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
597168563
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
i
vid-io-cle.springserve.com/vd/ Frame 8BED 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=ffcc480e&ps_id=623438&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ff3047b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.233.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-233-102.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Fri, 18 Mar 2022 09:13:02 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
underdog.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/underdog.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:03 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f3d6843988df5bab2d2ace81d28d3a84:1647547190.022103"
content-length
15036
content-type
image/png
cbb.png
gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/ Frame 8555 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/NBCSports/assets/madness/cbb.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.109.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=NBCSports&cm=marchMadness_Web&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:13:03 GMT
last-modified
Thu, 17 Mar 2022 19:59:50 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"bb488bd72ef69559077a79f97c35f8a8:1647547190.022833"
content-length
14718
content-type
image/png
pixel.gif
px.moatads.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/c/167/429/3/7.gif?puid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=0&gdpr_consent=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssS3NbYCzXIbzBYuXE181pQDb1fP3KYTdfzMfcCwIgXcVBLm_VRHj2wGsJQAsUkjf-ocqDB8YW7DN9W05nHIsPHOZ3ZcicLDm_l72CgRqnxDAiQNfIY&sig=Cg0ArKJSzPVx6B5t55TNEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220316&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=1839724902&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=2&r=b&rst=1647594752689&wmsd=1
Domain
analyticssystems.net
URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=572782
Domain
px.moatads.com
URL
https://px.moatads.com/pixel.gif?e=0&d=MAILONLINE2%3A423397628%3A21693276204%3A-&de=314405714049&t=1647594753859&i=MOAT_FEATHER_DEBUG1&gw=mailonline371382066490&cm=1&ac=1&f=0&bq=0&ar=16e2d13da31-clean&iw=d25b1fa&dMoatOQs=moatClientLevel1%3D5064879769%26moatClientLevel2%3D2904122127%26moatClientLevel3%3D5787369563%26moatClientLevel4%3D138376929203%26moatClientSlicer1%3D423397628%26moatClientSlicer2%3D21693276204%26zMoatPS%3Dmpu_puff_20%26zMoatST%3D%26zMoatCY%3Dus%26zMoatGS%3D&fq=1&sy=1&gh=0&wb=0&g=0&na=163485541&cs=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuYh-fjtN2WHCqblgJfXbd7vFteVq1rXZRBfl4rrda31s9nt7s43ZYwx3IyTdk4e0by7Aqte3C1STY7Nh7SFyNbjwB70E_5c17bTbdRSFDhUAEoHdQ&sig=Cg0ArKJSzPFbDZyrZMl2EAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220316&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=3166535583&rs=4&la=0&cr=0&vs=2&r=b&rst=1647594753004&wmsd=1
Domain
aax-us-east.amazon-adsystem.com
URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKiaoIDRNcTwuJ9ABlYMgcxNb40TKzTt8ukbqqbC40fmDMqrlLywYacmms6oqen9r-uid5mYrC2lyApWqclbfrVhEIrGKvF6xGPsNvBYH4v0eNKpPP&sig=Cg0ArKJSzGitZ8PdOjQiEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220316&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=2340058067&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=2&r=b&rst=1647594754175&wmsd=1
Domain
aax-us-east.amazon-adsystem.com
URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-492d19eb-2393-478d-b157-f8486ad67edd%22%2C%22tracking_id%22%3A%22da02b-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22da02b-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2XUY4z6UAjfyN8jiiSuvI6jrvZ01gexuuBsT6JT7yeVxhwoDO5NwZ4Cp23_zBSNLsUodoELfzOFxtTpX4jfDNz8Zqljg1ltrb2xs-cD0lY37NGIAF&sig=Cg0ArKJSzGYSee04lSkpEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220316&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=2340058067&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=2&r=b&rst=1647594754912&wmsd=1
Domain
fls-na.amazon-adsystem.com
URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=285,onejs_exec_time@v=1,aax_load_time@v=391,aax_load_time_one_tag@v=391,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=1ae14c42-c7b6-45a4-8b3c-090ad384e53d&session=637dff69-c549-4a4e-bcd6-5403e51d0fd7
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsss77bd07n0zK2bRIX_lY1swJuINTAHmCw7r-_pWHvaNuVaGD4pVuf2k3KAzOc0izjqXN72FvNL71ICxnPxpHEO4vBICNV39J2jDsFHDNL3SKs2rpkU&sig=Cg0ArKJSzCqgKn4ICFxsEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220316&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=3514381609&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=2&r=b&rst=1647594755106&wmsd=1
Domain
analyticssystems.net
URL
https://analyticssystems.net/api/v2/ad/impression/0482cb62-bd76-4a9d-8c21-4a7728d559ec?rand=644900
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
us-wf.taboola.com
URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706965&noaop=3&sortOrderType=0&cb=1647594761429&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1377&pt=2025665367&tz=0&viewable=true&ddast=V7bh4CFgMUdOTkNmMPwwQUdOTkNmMPwwUAAAAGBuIHHDZbzjiTGYezXAxmm9lmM5ssV6vZZjeYzYbQYbPljDOZcTjLxWC2mW02s8ViMFuulsPdbjcFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW4IJETT6fC57vW63-8ucjjNzrfDabZr_HbV1y93-T5_heX09JhdbsliuFsul3td02x2K0bDtVvFuvzdTLPZ6bd73lKHx2v4m966p93usrw1R4fl5Zb5LafX3eUW--0-t9jvOb2FDrPNLbH8TUeX5a12me5C09tsBwAAAIAHgCPpSogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADIAC0QENgHEOhrSbnA67w_A3Oz3_AAB4UAABABDAIAEQwPsqAZBQ-DsBAAAAAAAAAGD5____jwHIQ16VAbiQS-8BePABeCAi0CxiBAAAAACWkK9yNKkTKosqAACCdCuAKwCAgD9OJt_nMAAAgIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJuQRjpQmzOqJq_YLCACw9gsIAMCmbgAAbwJwQWdQo9FmOFrdQK0GswMAAAC4-____9cDyY1tuJmtlqONy2ZZjiYjx8ZmGDmGo4XFsxtZPNt7D5oJ39SXf-rjEJbZ7zsoKKenx-wyiIqut8XucJo9B8ncZL8JW4xWk8lmOZwtF5PBcDQcjfYnkMsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHClM1js608g7XG41iuRbvFaq2cWVZrjXExWDl8E-dqM1uLXh_TczIyWXYbKx7Mx-Xc1y5cFAy424vgIp2IHE6z8-1wmt2qz0Us0Zws0onssm9ubMPNbLUcbVw2y3I0GTk2NsPIMRwtLJ7dyOLZt2wem23lGaw1HsdyLdotVmvlzLJaa4yLwcrhmzhXm9la9PqYnpORybLb-Buz0W61HO1Gw31jNtqtlqPdaLjv0Bm-q8_ZaOt9zx2TyPy8zqwx80HhMli806JF2jocfUaTejFxncbnc2tiNYkrXoPCc_CoFn9rWNg5LKuzbVnhOBgUsURwukgnopfxdBFLJE-LdCJxbRyz4WjjcHhsK-fCtFyuPAuXZzIcuVYW22Y4EUuUpot0ope7fJ-_wnJ6eswut2Qx3C2Xy73uaTa7FaPh2q1yXf5up9ns9Ns9b6nD4zX8TW_d0253Wd6ao8Pycsv8ltPr7nKL_XafW-z3nN5Ch9nmllj-pqPL8la7THeh6W22qP-4kLO5ci4ZLeeiySoBAAAAAAAAACxhzrwJAAAAwGkQs8VwuFsuwIORni4wCAAAAAAAwK5L3idWsG6wdHHjxwzkcJqdb4fT7FZ9rgzwYHTHvNkzQazValkDAAAIYAMAAARw6-YtkHSSAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1182335&dpubid=161887&abtst=adh5c-1_vA!eidc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vB!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Domain
public-prod-dspcookiematching.dmxleo.com
URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Domain
i.liadm.com
URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
adtag.primetime.adobe.com
URL
https://adtag.primetime.adobe.com/adserver/trackdmgr?dmgr_db=nl&pid=tbmg&random=-1389049342319734444&tmid=YjRM-gAN66WnSAAy
Domain
cs.vdopia.com
URL
https://cs.vdopia.com/bid?advid=1583&bcid=YjRM-gAN66WnSAAy
Domain
sp.adbrn.com
URL
https://sp.adbrn.com/match?syncid=tm1_937bae71-f265-478e-b2b5-dccb199ad9e9&cid=YjRM-gAN66WnSAAy
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Domain
msec.xp1.ru4.com
URL
https://msec.xp1.ru4.com/cx?_i=52583729&_u=YjRM-gAN66WnSAAy
Domain
sy.eu.angsrvr.com
URL
https://sy.eu.angsrvr.com/sync?type=host&dsp=11&dspuuid=YjRM-gAN66WnSAAy
Domain
www.dailymail.co.uk
URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/6.2.0/sw.js
Domain
crta.dailymail.co.uk
URL
https://crta.dailymail.co.uk/
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l0w7dqyy&c=7778057433221&slotId=3889028716610.5&fb=ima_html5-lima&sdkv=h.3.505.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&gpm_i=20&gpm_c=20&gpm_a=17&smb=1000&br=928&mt=video%2Fmp4&vs=960x540&uet=2&webm=4&vp9=0&vamt=video%2Fmp4%2Cvideo%2F3gpp%2Cvideo%2F3gpp%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Capplication%2Fx-mpegurl&hvmf=false&vms=1&bit=692&vsrc=doubleclick_dmm&met.4=ff.l0w7dsjm&rec=show_ad-1%7CloadedMetadata-1%7Cloaded-1%7Cimpression-1%7CcreativeView-1%7Cmeasurable_impression-1%7Cstart-1%7Cmute-1%7Cviewable_impression-1%7CfirstQuartile-1%7Cmidpoint-1%7CthirdQuartile-1%7Ccomplete-1
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l0w7drck&c=7778057433221&slotId=3889028716610.5&uet=2&met.4=hvd_lc.l0w7drck~hvd_src.l0w7drck
Domain
px.moatads.com
URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&ra=6&sgs=3&vb=15&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2F8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&i=MAILONLINE2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-GnOvBihjElCFgA%3D%3D&sc=1&os=1-ng%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=337&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=18&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&id=1&ii=4&f=0&j=&t=1647594748255&de=875025318515&rx=305135542903&cu=1647594748255&m=35889&ar=16e2d13da31-clean&iw=f4fab01&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=18&lb=62021&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A6335%3A6335%3A24259%3A7697&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=30073&cd=15073&ah=30073&am=15073&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5064879769%3A2907386859%3A5801406709%3A138366224032&cm=0&bo=423397628&bp=21693274347&bd=mpu_puff_10&zMoatPS=mpu_puff_10&gw=mailonlineprebidheader526476985912&zMoatOrigSlicer1=423397628&zMoatOrigSlicer2=21693274347&dfp=0%2C1&la=21693274347&zMoatCY=us&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=mpu_puff_10&zMoatCURL=dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&jm=-1&tz=mpu_puff_10&iq=na&tt=na&tc=0&fs=197504&na=2114421372&cs=0

Verdicts & Comments Add Verdict or Comment

501 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| 56 object| 57 object| 58 object| 59 object| 60 object| 61 object| 62 object| 63 object| 64 object| 65 object| 66 object| 67 object| 68 object| 69 object| 70 object| 71 object| 72 object| 73 object| 74 object| 75 object| 76 object| 77 object| 78 object| 79 object| 80 function| structuredClone object| oncontextlost object| oncontextrestored boolean| disableAds object| PageCriteria string| PUSHLY_DOMAIN_KEY boolean| useGpt boolean| ANDDebugOn string| s_account string| s_account15 boolean| haveRenderedSponsoredPollOnPage boolean| useRtp string| twitterVia string| adReferrer string| adType string| dartSiteId string| adAreaSiteId string| adAreaId string| adSubareaId string| adPageType string| adContent string| adSection string| adArticleId string| adEnvironment boolean| enableAds object| DMPlaceholder object| DM function| isAdFreeEntitled string| currentChannelTwitterFollow string| inlineModules object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| webVitals object| RTA function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression function| setImmediate function| clearImmediate object| regeneratorRuntime object| google_tag_data function| ga object| gaplugins object| google_tag_manager object| molFeDataLayer function| gtag object| _ object| MobileUtils string| searchTerms object| dm string| refererHost undefined| docReferrerHostMatches undefined| docReferrerHost object| pagemeta string| feTag boolean| applePrivateRelay string| GoogleAnalyticsObject object| gaGlobal object| gaData string| molMVTest object| vttjs function| WebVTT object| adListLoader object| adsDescriptions object| adsRenderer object| DfpServer object| adsTrackers object| AdIntegrator object| AdBehaviour object| AdImpression function| AdEvents function| openAdsControlPanel object| permutive object| googletag object| _tfa object| _qevents object| __promised_cmp function| moatYieldReady object| _fbq object| Ext string| id function| $ function| jQuery object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google string| articleShortUrl object| _taboola boolean| DotMetricsInitScript object| hulk object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| _typeof object| TFASC object| TRC number| taboola_view_id object| TRCImpl function| __trcError function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| setKargoCookieClickthrough object| ggeac boolean| apstagLOADED object| apstag object| _tblConsole string| pm_pgtp undefined| msg object| headertag function| IrisContextAPI object| IrisContextGlobal undefined| ct undefined| et undefined| hourElapsed undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_52124741 object| Moat#PML#26#1.2 boolean| Moat#EVA object| MoatDataJsonpRequest_52124741 function| __moatSlotTagLoadedmailonlineprebidheader526476985912 object| moatPrebidApi object| pbjs object| _pbjsGlobals boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd object| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter undefined| google_measure_js_timing function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id function| TBOptimizationTouchAndClickEventTracker object| _pmk function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Bg object| _pm_mcg object| FFF object| adBlockQueue object| ABE object| DMS function| emailArticle function| postToDiggit function| postToFark function| postToFB function| postToLinkedIn function| postToPinterest function| postToReddit function| postToTWTTR object| DMArticleDefer object| DMDefer function| videojs object| pkcs7 undefined| Hammer object| Mustache object| TINY object| FFFOverlayHelpers object| s object| closure_lm_261638 function| submitReportAbuseFunction undefined| initialData object| DotMetricsSettings object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| molFePaywallConfig object| Kargo object| closure_lm_850472 object| ampInaboxIframes object| ampInaboxPendingMessages object| webpackJsonPMolFePaywall object| ox_esp object| criteo_pubtag object| criteo_identitytag_121 object| Criteo_identitytag_121 object| indexESP object| placementData string| nam object| criteo_syncframe_state object| DotmetricsJSON object| CryptoJS object| DotMetricsObj object| cmTag function| __uspapi object| ID5 object| PublisherCommonId object| _cm_wfCounters string| lastWfUrl function| webpackHotUpdate function| startCMTagMain string| category object| bouncex function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager string| vpaidId function| OvaMediaPlayer object| bxgraph function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie string| vpaidAnalyticsFuncStr function| __iwgtk__ function| __iwct__ object| __rfc__ object| __rfs__ function| __old__refresh function| __rfsfn__ function| close_bouncex_ad object| jQuery1102031052259677141225 object| closure_lm_385701 undefined| GLOBAL_VAR number| lnt_z object| adpnExecutions object| aliveChecks boolean| adpnLoaded object| google_reactive_ads_global_state object| closure_lm_412799 number| measureInterval object| google_ad_modifications object| google_prev_clients number| BOOMR_onload object| GoogleGcLKhOms object| tbopt object| google_image_requests

433 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/an Name: oo
Value: 1
.resetdigital.co/csync Name: ckbk
Value: 000000A26BEA534F
.mrtnsvr.com/sync Name: userId
Value: jh4HRsd4p
.3lift.com/sync Name: sync
Value: CgoIgAIQn-yz4vkvCgoIgQIQwpez4vkvCgoIggIQn-yz4vkvCgoIhwIQwpez4vkvCgkICRDCl7Pi-S8KCQhJEO2Xs-L5LwoJCAsQwpez4vkvCgoIiwIQn-yz4vkvCgoIjAIQwpez4vkvCgoIzgEQ7Zez4vkvCgoIjgEQ7Zez4vkvCgoIjwIQn-yz4vkvCgoIkQIQ7Zez4vkvCgoIkgIQ7Zez4vkvCgoIlAIQ7Zez4vkvCgoI1gEQ7Zez4vkvCgoIlgIQn-yz4vkvCgkIGxDtl7Pi-S8KCgjeARCf7LPi-S8KCQhfEMKXs-L5LwoJCB8Q7Zez4vkvCgoIoQEQwpez4vkvCgoIoQIQn-yz4vkvCgoI4gEQwpez4vkvCgoI4wEQn-yz4vkvCgoI5gEQwpez4vkvCgoI5wEQn-yz4vkvCgkIcxCf7LPi-S8KCQg5EO2Xs-L5LwoJCDoQwpez4vkv
i.liadm.com/s Name: _li_ss
Value: MgYI0gEQ3REyBQgGEOsRMgkI_____wcQ6xE
.dailymail.co.uk/ Name: AKA_A2
Value: A
www.dailymail.co.uk/ Name: percent
Value: 173659
.dailymail.co.uk/ Name: _ga
Value: GA1.3.1144404248.1647594748
.dailymail.co.uk/ Name: _gid
Value: GA1.3.1969399204.1647594748
.dailymail.co.uk/ Name: _gat_gtag_UA_3639451_11
Value: 1
www.dailymail.co.uk/ Name: dm_clientsegment
Value: c
ted.dailymail.co.uk/ Name: phid
Value: view-l0w7dfji-43itlfxk0ky-mtni0xc8qni
t.dailymail.co.uk/ Name: phid
Value: view-l0w7dfji-43itlfxk0ky-mtni0xc8qni
www.dailymail.co.uk/ Name: _pubcid
Value: ebe45e15-7ea9-4da7-9c84-d40d0030ab4f
.dailymail.co.uk/ Name: _pubcid
Value: ebe45e15-7ea9-4da7-9c84-d40d0030ab4f
cdn.taboola.com/ Name: abLdr
Value: 11
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=204b6523-483f-40c0-bc3d-cf3b222347af&Created=03/18/2022 09:12:28&UserMode=0&guid=f59e721d-749d-40f5-875f-70f34ee93efc&ver=1
www.dailymail.co.uk/ Name: mol.ads.visits
Value: 0
www.dailymail.co.uk/ Name: mol.ads.visitsExpire
Value: Mon, 18 Apr 2022 09:12:28 GMT
.facebook.com/ Name: fr
Value: 06TxlxPiMshL9VXOI..BiNEz8...1.0.BiNEz8.
.dailymail.co.uk/ Name: permutive-session
Value: %7B%22session_id%22%3A%226e061027-e57f-48dd-90fd-7be7bf07981a%22%2C%22last_updated%22%3A%222022-03-18T09%3A12%3A28.612Z%22%7D
.dailymail.co.uk/ Name: permutive-id
Value: 869b04fa-ec24-4695-beb4-53b261fa91cf
www.dailymail.co.uk/ Name: latest-article-count
Value: 5635347
www.dailymail.co.uk/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.sharethrough.com/ Name: stx_user_id
Value: 89374ba2-b7ae-46bf-a2cf-9efa7854afd7
www.dailymail.co.uk/ Name: krg_crb
Value: %7B%22v%22%3A%22eyJjbGllbnRJZCI6IjZmOWJmMWViLWE4NWUtNGI0Yi1hODdmLTIxODg5OWUzYTM0MSIsImxleElkIjpudWxsLCJzZWdtZW50cyI6W10sInN5bmNJZHMiOnt9LCJrdGNJZCI6bnVsbCwiZXhwaXJlVGltZSI6MTY0NzY4MTE0OTI2NSwibGFzdFN5bmNlZEF0IjpudWxsLCJwYWdlVmlld0lkIjoiIn0%3D%22%7D
www.dailymail.co.uk/ Name: krg_uid
Value: %7B%22v%22%3A%7B%22clientId%22%3A%226f9bf1eb-a85e-4b4b-a87f-218899e3a341%22%2C%22userId%22%3Anull%2C%22optOut%22%3Afalse%7D%7D
.omnitagjs.com/ Name: ayl_visitor
Value: 5557575d0abe164daa5f4a79139b1190
.id5-sync.com/ Name: callback
Value:
.adsrvr.org/ Name: TDID
Value: f67a371d-f285-4ca2-be6f-f2af79502cb4
.rubiconproject.com/ Name: khaos
Value: L0W7DGRS-P-64GH
.rkdms.com/ Name: sessionid
Value: h-d43e223207ed9e03261c32e43d5e2024_t-1647594749
.yahoo.com/ Name: A3
Value: d=AQABBP1MNGICENlB0i-AKU5ttJb5yunrQ2wFEgEBAQGeNWI-YgAAAAAA_eMAAA&S=AQAAAkwIzSjEV6HuBohmHwfxAkE
.kargo.com/ Name: ktcid
Value: 8bef9ade-cba3-06bf-1e98-d599e326cc42
.openx.net/ Name: i
Value: ebe45e15-7ea9-4da7-9c84-d40d0030ab4f|1647594749
.teads.tv/ Name: tt_viewer
Value: b461e87f-8879-4cb8-91f3-4971bc6dfd5a
.tapad.com/ Name: TapAd_TS
Value: 1647594749530
.tapad.com/ Name: TapAd_DID
Value: af231e30-3711-4eea-abed-7905c7506b1d
.doubleclick.net/ Name: IDE
Value: AHWqTUk-U1TlWmg6QHahmlqQ7JY28e1iEzxsGoKoSWPnUDYTZFOG1ktO_CPa6ZVRamE
www.dailymail.co.uk/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Defcf6e30-cc19-4715-9f25-c810ea7b9536-tuct92dd27c
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1312541377%3B%24ql%3DHigh%3B%24qpc%3D14202%3B%24qt%3D152_1829_10507t%3B%24dma%3D514
.mathtag.com/ Name: uuid
Value: a41e6234-4cfd-4600-9afd-9c92d96c3201
.adnxs.com/ Name: uuid2
Value: 6359460436251910749
.bidswitch.net/ Name: tuuid
Value: 7c645530-439f-430f-be08-f3bda86d545b
.bidswitch.net/ Name: c
Value: 1647594749
.bidswitch.net/ Name: tuuid_lu
Value: 1647594749
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1312541377%3B%24ql%3DHigh%3B%24qpc%3D14202%3B%24qt%3D152_1829_10507t%3B%24dma%3D514&c=1&l=296165366&lo=947885348&lt=637831951496471312&o=1
.criteo.com/ Name: uid
Value: f28276b3-9d17-458b-abb4-eebe2da172c7
.tremorhub.com/ Name: tvid
Value: d99669153bd3448cb5f094dc6f4e840d
.pippio.com/ Name: did
Value: corByJXUE_d6N2PS
.pippio.com/ Name: didts
Value: 1647594749
.pippio.com/ Name: nnls
Value:
.spotxchange.com/ Name: audience
Value: 898167d1-a69b-11ec-a277-16f784d60003
.smartadserver.com/ Name: pid
Value: 8297679604156303488
.tremorhub.com/ Name: tvrg_61133
Value: 1,1647594750
www.dailymail.co.uk/ Name: DM_SitId845
Value: true
www.dailymail.co.uk/ Name: DM_SitId845SecId4637
Value: true
www.dailymail.co.uk/ Name: DM_SitIdT845
Value: true
www.dailymail.co.uk/ Name: DM_SitId845SecIdT4637
Value: true
.pippio.com/ Name: pxrc
Value: CP6Z0ZEGEgQIAhAAEgYI3awrEAA=
uk-script.dotmetrics.net/ Name: AWSALBCORS
Value: lY5bvT1sNEzQJTPOmNj/vkiOPpXT9OAjs5aBwbLV8jMj/w+mke/mLk0K9YT7xEmlDHo2rBAV/OE7ZCkdczarSIXXIcSO0qT9APPR4YieEC6U/RXaerFPokAn3dki
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B93E2E12-AA9E-4220-8310-B08598FC53B9
.dailymail.co.uk/ Name: cto_bundle
Value: X2sof19FaVVheFZiVGlnRUFpQUo4RSUyRjE2aUkzOWFEcWY5RGxtYUFvQlZwWHF3R3RVRmw0TnRpVzdHemhCUndjMHJhclFtWXRWTHF4T0dYOEI0RUUxUmhMMjlkWHhsYWFabnRWMTU1JTJGJTJGY1k4bHdQZ2ZIMVppbFRnTUVVZlhpQ0lwSHpaT3VKOEpZU3U4c3FPelJTam12VVpYemclM0QlM0Q
.quantserve.com/ Name: mc
Value: 62344cfe-4720b-16d86-7e1e6
.dailymail.co.uk/ Name: __qca
Value: P0-19554641-1647594748430
.amazon-adsystem.com/ Name: ad-id
Value: AzhM7B-43kcVoNrrW4xgkNQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.krxd.net/ Name: _kuid_
Value: OuX9gXEj
.openx.net/ Name: univ_id
Value: 537072971|f67a371d-f285-4ca2-be6f-f2af79502cb4|1647594750616174
.taboola.com/ Name: t_gid
Value: 62735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YjRM-gAN66WnSAAy
.smaato.net/ Name: SCM
Value: 77c60781
.smaato.net/ Name: SCMaps
Value: 77c60781
.simpli.fi/ Name: suid
Value: 5036F47B1E164C5B8C56BBC185A6E0FD
.gumgum.com/ Name: vst
Value: u_55e3ef01-907b-4e81-87c2-f443b724f20b
.3lift.com/ Name: tluid
Value: 2230631680262455077259
.lijit.com/ Name: ljt_reader
Value: 6c08c9107bed88b791eade9c
.emxdgt.com/ Name: uid
Value: 57461647594750670190ab
.yieldmo.com/ Name: yieldmo_id
Value: g51298f292f21f006546%7C1647594750672%7C0%7C
.turn.com/ Name: uid
Value: 3142368608644553920
.casalemedia.com/ Name: CMID
Value: YjRM-vslB2dqu-QqfshUQAAA
.casalemedia.com/ Name: CMPS
Value: 1015
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNDOxsDAwMTY10FEysUTlG6NyLdCUm6LwawGJ%2BRAi
.undertone.com/ Name: UTID
Value: 4c54f48e0b62419f8f97f771c71e8375
.undertone.com/ Name: UTID_ENC
Value: 4ionw6qai7unrkseoq36iot4l
.casalemedia.com/ Name: CMPRO
Value: 559
cmp.dmgmediaprivacy.co.uk/ Name: usprivacy
Value: 1---
cmp.dmgmediaprivacy.co.uk/ Name: uuid
Value: d0b435cd-e2c9-4eb1-9827-671ef8ebeafc
.emxdgt.com/ Name: apn_id
Value: 6359460436251910749
.outbrain.com/ Name: obuid
Value: 91731e00-3a06-4d6f-8743-d7f34743ce22
.33across.com/ Name: 33x_ps
Value: u%3D119024359231037%3As1%3D1647594750899%3Ats%3D1647594750899
.360yield.com/ Name: tuuid
Value: 7e051b50-b1eb-4e90-80d8-b8c746f9c11d
.360yield.com/ Name: tuuid_lu
Value: 1647594750
.technoratimedia.com/ Name: tads_uid
Value: 34B9E82E4748403EAA98BCED7FCDFCB4
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220318051230-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.ipredictive.com/ Name: cu
Value: 8a1de752-a69b-11ec-92c5-fb53764b0872|1647594750900
.deepintent.com/ Name: CDIUSER
Value: di_174ff51fcf874097873f0
.zemanta.com/ Name: zuid
Value: hC9c_JxukxkuB_-lTGAw
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 395d390a893bbbd3
www.dailymail.co.uk/ Name: usprivacy
Value: 1---
www.dailymail.co.uk/ Name: uuid
Value: d0b435cd-e2c9-4eb1-9827-671ef8ebeafc
.bfmio.com/ Name: __106_cid
Value: f67a371d-f285-4ca2-be6f-f2af79502cb4
.bfmio.com/ Name: __bfio_sync
Value: CCD8ADA196992E5DFFD12AAE2F5B515D
.bfmio.com/ Name: __io_cid
Value: f67a371d-f285-4ca2-be6f-f2af79502cb4
.sitescout.com/ Name: ssi
Value: b16d1398-dea4-4095-89d1-65023eecd45c#1647594750937
beacon.lynx.cognitivlabs.com/ Name: UID
Value: bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-217a4951-fd1f-4cba-70db-7d76eada73b9.pG3fBqKEmSMeT7anq2iVpIqSzGdTi%2BcYPfB4bXotoww
.bfmio.com/ Name: __157_cid
Value: y-7TO2EhhE2pJO_pl9Xyni71_w1zgvwXJ6bhWlfgn9vg--~A
.tynt.com/ Name: uid
Value: E7CnJ2I0TP7mznu1HSJN+g==
.bfmio.com/ Name: __167_cid
Value: av-951e2293-d2ed-483f-a976-5bdc8a2c1514
.lijit.com/ Name: _ljtrtb_3
Value: a41e6234-4cfd-4600-9afd-9c92d96c3201
.lijit.com/ Name: _ljtrtb_49
Value: znmAT1MDgfzc
.ads.yieldmo.com/ Name: ptrpp
Value: QKodMwjjXFVx
.ads.yieldmo.com/ Name: ptrstk
Value: IXpJUf0fTLpw23126tpzuWAJ-So
.ads.yieldmo.com/ Name: ptrt
Value: f67a371d-f285-4ca2-be6f-f2af79502cb4
.creativecdn.com/ Name: ts
Value: 1647594751
.creativecdn.com/ Name: u
Value: 5sXF81LhMv9MWGJQujci
.storygize.net/ Name: U
Value: 5da0036c-9b6c-4679-84ff-2073e189b78a
.ads.yieldmo.com/ Name: ptrbsw
Value: 7c645530-439f-430f-be08-f3bda86d545b
.exelator.com/ Name: EE
Value: "c2a016574c548c864739554721af23c5"
.dyntrk.com/ Name: dyn_u
Value: 03030002_62344cff31ce1
.lijit.com/ Name: _ljtrtb_86
Value: 5sXF81LhMv9MWGJQujci
.bfmio.com/ Name: __178_cid
Value: 5da0036c-9b6c-4679-84ff-2073e189b78a
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHZKNHA0MzU3CTZ1MQi2cLMxNzY0tTUxNzIMDHNyDjZdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJySX5RZvqi0ODFRSlpDItKik8F7z%252BnBgAw0ilV"
.mediarithmics.com/ Name: mics_vid
Value: 26018534275
.mediarithmics.com/ Name: mics_uaid
Value: web:1:39716351-501b-42cd-9b08-fac60e967387
.mediarithmics.com/ Name: mics_lts
Value: 1647594751156
.socdm.com/ Name: SOC
Value: YjRM-8Co8XgAAKuqQKkAAAAA
.smaato.net/ Name: SCMo
Value: 77c60781
.dailymail.co.uk/ Name: bounceClientVisit4453v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0AJgIYCWYAngLa1hkDGA9mQK4DWRAOwCmxdASoAnBDTZghAWlwBGABwB2AJxaiAdTph5SgCwrG8gKLcJHALL6aHASnkArKm14QOCecRoDhCXkUOEkFADMOKW5heTBHAHM4jhQfULBw+QAjawQ4ISDGIQQyREYwEAAaEAkYEBAAXyA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005%22%7D
.outbrain.com/ Name: smaato
Value: 77c60781
.lijit.com/ Name: _ljtrtb_16
Value: b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
.doubleclick.net/ Name: DSID
Value: NO_DATA
.lijit.com/ Name: _ljtrtb_56
Value: RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&859ffd42-84e7-457c-8191-136682b6219a"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2579:u=1:x=1:i=1647594751:t=1647681151:v=2:sig=AQG6YBM_D6BibtG2vmCXgfI-QO6-MjKH"
.bounceexchange.com/ Name: bounceClientVisit4453c
Value: %7B%22vid%22%3A1647594751690600%2C%22did%22%3A%22326495355294331872%22%7D
.bidr.io/ Name: bito
Value: AAGn007EaJoAAAyap1piaQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
ssp.behave.com/ Name: tuuid
Value: b12eb9e2-4c79-46fc-9290-2160bc2e145f
ssp.behave.com/ Name: c
Value: 1647594752
ssp.behave.com/ Name: tuuid_lu
Value: 1647594752
.owneriq.net/ Name: si
Value: Q7008811521702904394P
.owneriq.net/ Name: pmc
Value: 1
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Ddda93a40-6aab-4712-aa91-e6ce437f8a4e
.bnmla.com/ Name: rx_uuid
Value: dda93a40-6aab-4712-aa91-e6ce437f8a4e
.bnmla.com/ Name: rx_maxage_10738
Value: 1648890752
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:5036F47B1E164C5B8C56BBC185A6E0FD
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMQyr0Y-b31ptkPzhP9QG9k&KRTB&16514-CAESEMQyr0Y-b31ptkPzhP9QG9k&KRTB&23025-CAESEMQyr0Y-b31ptkPzhP9QG9k
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_174ff51fcf874097873f0
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6359460436251910749&KRTB&23339-6359460436251910749
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-HfRKWB-lHwkG8k5eG6RUXR2iQVoG8RxdTvBa4IRM&KRTB&19420-HfRKWB-lHwkG8k5eG6RUXR2iQVoG8RxdTvBa4IRM&KRTB&22979-HfRKWB-lHwkG8k5eG6RUXR2iQVoG8RxdTvBa4IRM
.w55c.net/ Name: wfivefivec
Value: mXDI4agD1Nv8EU5
.acuityplatform.com/ Name: auid
Value: 656893234070
.adform.net/ Name: C
Value: 1
.id5-sync.com/ Name: 3pi
Value: 2#1647594749852#-774955352#6359460436251910749|18#1647594751465#-1118137881|264#1647594750114#228736294#f67a371d-f285-4ca2-be6f-f2af79502cb4|155#1647594751872#-548850238#AAGn007EaJoAAAyap1piaQ|796#1647594752083#767986282|429#1647594752275#-1862724017
.adgrx.com/ Name: ADGRX_UID
Value: 8af7dc84-a69b-11ec-9692-13cc52d00862
.w55c.net/ Name: matchpubmatic
Value: 5
.mfadsrvr.com/ Name: tuuid
Value: 65ed1fbd-31f1-4fb7-8b90-717cee4b5c64
.mfadsrvr.com/ Name: c
Value: 1647594752
.mfadsrvr.com/ Name: tuuid_lu
Value: 1647594752
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YjRM-gAN66WnSAAy&KRTB&22978-YjRM-gAN66WnSAAy&KRTB&23194-YjRM-gAN66WnSAAy&KRTB&23209-YjRM-gAN66WnSAAy
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-IXpJUf0fTLpw23126tpzuWAJ-So
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3142368608644553920
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-8a1de752-a69b-11ec-92c5-fb53764b0872&KRTB&23011-8a1de752-a69b-11ec-92c5-fb53764b0872&KRTB&23355-8a1de752-a69b-11ec-92c5-fb53764b0872
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-f67a371d-f285-4ca2-be6f-f2af79502cb4&KRTB&22918-f67a371d-f285-4ca2-be6f-f2af79502cb4&KRTB&23031-f67a371d-f285-4ca2-be6f-f2af79502cb4
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:a41e6234-4cfd-4600-9afd-9c92d96c3201&KRTB&16736-uid:a41e6234-4cfd-4600-9afd-9c92d96c3201&KRTB&23019-uid:a41e6234-4cfd-4600-9afd-9c92d96c3201&KRTB&23208-uid:a41e6234-4cfd-4600-9afd-9c92d96c3201
.adform.net/ Name: uid
Value: 6486416200911656969
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-656893234070
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:mXDI4agD1Nv8EU5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-8af7dc84-a69b-11ec-9692-13cc52d00862
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005&KRTB&17107-RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGbf6_kKU1DQN4Z-QLAAAAAAA&KRTB&22713-AAAGbf6_kKU1DQN4Z-QLAAAAAAA&KRTB&22715-AAAGbf6_kKU1DQN4Z-QLAAAAAAA
.mfadsrvr.com/ Name: bsw_uid
Value: 7c645530-439f-430f-be08-f3bda86d545b
.pubmatic.com/ Name: KRTBCOOKIE_308
Value: 22925-dda93a40-6aab-4712-aa91-e6ce437f8a4e
.technoratimedia.com/ Name: tads_uidp_73
Value: AAGn007EaJoAAAyap1piaQ
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGn007EaJoAAAyap1piaQ
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6486416200911656969&KRTB&23263-6486416200911656969
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7008811521702904394&KRTB&22521-Q7008811521702904394
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B342_ECEB475D_E7E4EC2A&KRTB&23092-R1B342_ECEB475D_E7E4EC2A
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: 4583e0ec-e0f2-514d-bbae-6eb4d99a23b4
.betweendigital.com/ Name: ss
Value: 1
.cdnwidget.com/ Name: __3idcontext
Value: {"cookieID":"ORKDWKYW7LKTQTV3P3Z4GQEHUPOOPCHX34BVD2MN57YA====","deviceID":"ORKDWKYW4HIV4KEDNTTOMW6277ZKFJ5MYI5XBSUY77RQ====","iv":"2CN4LJRFVH25P2MCVYKTVLT4FM======","v":1}
.cdnwidget.com/ Name: __adcontext
Value: {"cookieID":"ORKDWKYW7LKTQTV3P3Z4GQEHUPOOPCHX34BVD2MN57YA====","deviceID":"ORKDWKYW4HIV4KEDNTTOMW6277ZKFJ5MYI5XBSUY77RQ====","iv":"2CN4LJRFVH25P2MCVYKTVLT4FM======","v":1}
ssp.behave.com/ Name: um2
Value: !2,7c645530-439f-430f-be08-f3bda86d545b,416873552
.dailymail.co.uk/ Name: __idcontext
Value: eyJjb29raWVJRCI6Ik9SS0RXS1lXN0xLVFFUVjNQM1o0R1FFSFVQT09QQ0hYMzRCVkQyTU41N1lBPT09PSIsImRldmljZUlEIjoiT1JLRFdLWVc0SElWNEtFRE5UVE9NVzYyNzdaS0ZKNU1ZSTVYQlNVWTc3UlE9PT09IiwiaXYiOiIyQ040TEpSRlZIMjVQMk1DVllLVFZMVDRGTT09PT09PSIsInYiOjF9
id.sharedid.org/ Name: sharedid
Value: 01FYE4SJY4ZGB37AYSSTVS73BN
.id5-sync.com/ Name: id5
Value: 0a6e964a-0742-4a39-b8e0-17f29dc93a3d#1647594752990#1
.advertising.com/ Name: APID
Value: UP8b69f008-a69b-11ec-ab1f-0ee056c3f6c1
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22af668bdd51%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753039%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1647594751001%7D%2C%7B%22p%22%3A%226f27415d53%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753068%7D%2C%7B%22p%22%3A%229ca61abeef%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753068%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1647594751001%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753039%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1647594751001%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753068%7D%2C%7B%22p%22%3A%22f5b8438f72%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753068%7D%2C%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753068%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753068%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753039%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753039%7D%2C%7B%22p%22%3A%226db3fb8a85%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753068%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753068%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1647594751001%7D%2C%7B%22p%22%3A%22725d221570%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753068%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1647594751001%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753039%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1647594751001%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1647594753039%7D%5D
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-7c645530-439f-430f-be08-f3bda86d545b
.fg8dgt.com/ Name: tuuid
Value: d536f042-19b6-42d9-88ca-c1eb8d591069
.fg8dgt.com/ Name: c
Value: 1647594753
.fg8dgt.com/ Name: tuuid_lu
Value: 1647594753
.bidswitch.net/ Name: redir_url
Value: bada48c5-e4e6-42e9-aade-5845ab91df36_4fb1b838-50eb-beb2-fc23-7e189ad55028
www.dailymail.co.uk/ Name: sharedid
Value: %7B%22id%22%3A%2201FYE4SJY4ZGB37AYSSTVS73BN%22%2C%22ts%22%3A1647594753449%7D
www.dailymail.co.uk/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22f67a371d-f285-4ca2-be6f-f2af79502cb4%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-02-18T09%3A12%3A32%22%7D
.liadm.com/ Name: lidid
Value: 17d8e2b3-daa7-4519-b51f-4046449f3ff3
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJicmlnaHRyb2xsIjp7InVpZCI6InktWU1YVjJFTkUycEdnWGJhMW53VGtSX1lMVVVBR1BZa0JKczdSbzhVamE0elRzV25YbkQ3QlhFOC1+QSIsImV4cGlyZXMiOiIyMDIyLTA2LTE2VDA5OjEyOjI5WiJ9LCJncmlkIjp7InVpZCI6IjdjNjQ1NTMwLTQzOWYtNDMwZi1iZTA4LWYzYmRhODZkNTQ1YiIsImV4cGlyZXMiOiIyMDIyLTA2LTE2VDA5OjEyOjI5WiJ9LCJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyMjMwNjMxNjgwMjYyNDU1MDc3MjU5IiwiZXhwaXJlcyI6IjIwMjItMDYtMTZUMDk6MTI6MzNaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMjIzMDYzMTY4MDI2MjQ1NTA3NzI1OSIsImV4cGlyZXMiOiIyMDIyLTA2LTE2VDA5OjEyOjMzWiJ9fSwiYmlydGhkYXkiOiIyMDIyLTAzLTE4VDA5OjEyOjI5WiJ9
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 195CF71ADE3465321381E671DFBB6411
.linkedin.com/ Name: li_sugr
Value: 6c7f6702-b789-4025-bb66-fd8c70d7e428
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwS_YOaGh44CpyqGc3M45XSzIruOOTtrCI2-1vq34xuvno1XImr2RYbm3pQC4TM1
.smadex.com/ Name: smxtrack
Value: a1aab94b-3281-4bf3-a90c-f31056463a9c
.adsymptotic.com/ Name: U
Value: 9f05f3184f4bef023f0673c69dddc0f5
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNja1sLQ0NDIxNDQzNTY3MjC2sBTiM9RNsiz2L6wKtfQMLQ8DAK-1JsIlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNja1sLQ0NDIxNDQzNTY3MjC2sBTiM9RNsiz2L6wKtfQMLQ-T4jU0MzE3tQRioKwBAEif5tM0AAAA
.go.affec.tv/ Name: ck
Value: 62344d01da342e000130b18d
.go.affec.tv/ Name: oo
Value: 1
.exelator.com/ Name: hsk_1374
Value: "gAAAAAQAAACEKLUv%252FSCEIQQAiKRidWlk2gAyYjE2ZDEzOTgtZGVhNC00MDk1LTg5ZDEtNjUwMjNlZWNkNDVjLTYyMzQ0Y2ZlLTU1NTOjaHNrpDU1NTWoZGVsaXZlcnmkNTU1NaN2ZXIBpWJuYW1lp1MyMDRTU0OldHNlZ3OnMjUxMjMzNqViY29kZc0FXqJ0c8pTv84m"
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.lijit.com/ Name: ljtrtb
Value: eJwVjcFqAzEMRP%2FF5wokS%2FJavRVKAqV7aCl0r17b2ySQXEJ72NJ%2Fr3wbhnlvfoOm8BjeF8CJTXhCmGoTkEoRiuAKK7ckLK1ukgFRw0NgJ4pQT5HHcmsgCRGseLJqsVmqHJF8SsO%2BUmrElqH14gCaQrZGkBQj9%2B5%2FWmHI3NVBVdlJMSf32%2FXpg%2Bbnr22v3uVh0%2FtyyPR6mn9s%2Fjy%2BvH1f6jn8%2FQMvlzLD
.lijit.com/ Name: _ljtrtb_76
Value: 54a6bf8c-3d9a-485d-81ee-aa431ca6a7e0
beacon.lynx.cognitivlabs.com/ Name: ss
Value: FE8wEfX6Ti283BI3lBQt0jfoE0647HwlQEDAk%2FtNPxyWmsfUSGFFos3mEhNrJZWfIdJyms8Vva0iVsu1hN0kBg%3D%3D
.w55c.net/ Name: matchcasale
Value: 5
.demdex.net/ Name: demdex
Value: 73036983126550283923672921214654110234
.media.net/ Name: visitor-id
Value: 2905963546634644000V10
.media.net/ Name: data-o
Value: f06408d3-7c2e-48b0-a51d-628bd6f80a6e~~3
.owneriq.net/ Name: p2
Value: oxc
.owneriq.net/ Name: oxc
Value: 1
.eqads.com/ Name: EQUser
Value: UID=e0d60695-3cb3-4226-91f9-a35d415d8ff9
.w55c.net/ Name: matchopenx
Value: 5
.adotmob.com/ Name: partners
Value: IX%3A1647594754485
.adotmob.com/ Name: uid
Value: 076e2204075d403fca6659f0
.adotmob.com/ Name: uuid
Value: 076e2204075d403fca6659f0
.adhaven.com/ Name: uid
Value: 4c_ac30a96d-446b-4335-8d96-04fb42ed3a51
.blismedia.com/ Name: b
Value: 62344D02E757EE595C2E1B03BLIS
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY0NzU5NDc1NCwiaWQiOiI2MzU5NDYwNDM2MjUxOTEwNzQ5IiwibHMiOjE2NDc1OTQ3NTR9LCJ0dCI6eyJkdCI6MTY0NzU5NDc1MywiaWQiOiJFN0NuSjJJMFRQN216bnUxSFNKTitnPT0iLCJscyI6MTY0NzU5NDc1M30sInYiOjB9|1647594754|05837d6ff0a3a2f8ff8b917e78fce527b1cb98de
.dpm.demdex.net/ Name: dpm
Value: 73036983126550283923672921214654110234
.admixer.net/ Name: am-uid
Value: 2e857ad4444f48ce945e6ca5f0e5d9c1
.mxptint.net/ Name: mxpim
Value: R1B342_ECEB475D_E7E4EC2A.1.000000000000000062344D00000000000000000062344D02
.cpx.to/ Name: cpSess
Value: 1a69d0cfb7be6e5f
.cpx.to/ Name: dsp_OPENX
Value: 78754d5f-eb86-4e5f-a4c4-e44965808730#1647594754675
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 547a1af06dbd9e5430744b2dd9d67bf
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmOQNzUxTzRMTDMwS0lKsUw1NTE2MDcxSTJKSbFMMTNPSmMAgiQTXyYQDQUAQfkJxQ%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIMvFlAlJQAAALxADm"
.smartadserver.com/ Name: vs
Value: 395440=4843272&496793=4843272
.pubmatic.com/ Name: DPSync3
Value: 1648771200%3A236_246_221_226_228_201_197_219_245%7C1647648000%3A174%7C1648166400%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1647993600%3A216%7C1650153600%3A224%7C1652745600%3A69%7C1648771200%3A165_21_7_81_54_3_99_239_166_57_189_56_71_204_240_13_231_104_222_176_220_233_8_234_5_178_22_48_55_238_243_96%7C1648166400%3A15_38_2_223%7C1648425600%3A63%7C1648857600%3A35
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 159335:4
.adnxs.com/ Name: icu
Value: ChgI9K4pEAoYAiACKAIw_ZnRkQY4AkACSAIKGAiI0nsQChgCIAIoAjCFmtGRBjgCQAJIAgoYCJG6fBAKGAEgASgBMIKa0ZEGOAFAAUgBEIWa0ZEGGAQ.
.connextra.com/ Name: CxtId
Value: 9aba8b5e-113a-41f7-848e-f0ddb88900a8
.connextra.com/ Name: NBCSports
Value: A%7Cpostimpression%7C1%7C202203180912%7C7%7CDDM_APN_US_Sports_ACQ_300x250%7CDDM_SB_ACQ_US_MarchMadnessCBBPickNRollMar2022_300x250%7C%7C%7CJ3mf1t2BT6KTtXIMPIyBfQ
ads.playground.xyz/ Name: connect.sid
Value: s%3A5wd0eFCipwznj2gwAds0c1975a6ievqk.qnIxxLdqq2wGjSy%2FUWlqZARtLSHsb8hiuj7IBXZ%2FWUA
.inmobi.com/ Name: idsp_c
Value: bf3d6116-2f12-4b2f-8206-ce18651488a2
.fiftyt.com/ Name: fifid
Value: 74520aa6-2381-40e4-778a-dda15b878e7c
.pubmatic.com/ Name: KRTBCOOKIE_1233
Value: 23223-bf3d6116-2f12-4b2f-8206-ce18651488a2&KRTB&23266-bf3d6116-2f12-4b2f-8206-ce18651488a2&KRTB&23285-bf3d6116-2f12-4b2f-8206-ce18651488a2
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1647616357743
io.narrative.io/ Name: io.narrative.guid.v2
Value: 8e30b060-a69b-11ec-8734-065a0b8073db
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: cookie
Value: c712a4ea334221fd
.adsby.bidtheatre.com/ Name: __kuid
Value: 75ead994-85d8-4376-989b-62e1eed3da48.416808757
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23175-000000A26BEA534F
.fiftyt.com/ Name: cs
Value: MTY0NzU5NDc1OHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fFOMR6DCmGq-YhClnKKaaUDffex0BY4Z46Vwwfvug8oo
.fiftyt.com/ Name: fppm
Value: 20220318091238
.mediago.io/ Name: __mguid_
Value: 2f48e0a0bd05059092c88948d0015a35
.c.appier.net/ Name: _auid
Value: WHuJLfrXCI2cs11LBk00Yg
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-WHuJLfrXCI2cs11LBk00Yg&KRTB&23130-WHuJLfrXCI2cs11LBk00Yg
.semasio.net/ Name: SEUNCY
Value: 179E3CC8C042A832
.onaudience.com/ Name: done_redirects147
Value: 1
.onaudience.com/ Name: done_redirects109
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1647594760
.onaudience.com/ Name: done_redirects219
Value: 1
.openx.net/ Name: pd
Value: v2|1647594750.2.1.7|iKvMgakWgy.bwuYvPhEgKg2.hMg6s7mmvIfYvVvshAn8lwvZmKvJeSnovDf4csf8vEvUvuoqvRke.t1vowcsTfIrZwgw7w1lktCtpjgeDsvv5
ads.brandcdn.com/ Name: brandcdn_uid
Value: 09a7be08-91dd-4f04-a167-a1ac372be137
.dailymail.co.uk/ Name: __gads
Value: ID=097f060fc0340404-22753120d7d100ef:T=1647594749:RT=1647594758:S=ALNI_MbfkDRWJnRpYhigkLpwQgmO21iFZQ
.smaato.net/ Name: SCMt
Value: 77c60781
.smaato.net/ Name: SCM1001851
Value: 77c60781
.media.net/ Name: data-c
Value: k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA~~3
.smaato.net/ Name: SCMg
Value: 77c60781
.ads.yieldmo.com/ Name: ptrcriteo
Value: k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg
.outbrain.com/ Name: criteo
Value: k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
.360yield.com/ Name: umeh
Value: !38,0,1709802761,-1
.media.net/ Name: data-c-ts
Value: 1647594761
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org%22%2C%22version%22%3A%22criteo%22%7D
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22902ddff0-a69b-11ec-a4d5-eb2ec4852132%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%22902ddff0-a69b-11ec-a4d5-eb2ec4852132%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
.dmxleo.com/ Name: dmxId
Value: 25175F61EB6E8A000WXWAFFYWPKQWXZUS
.smaato.net/ Name: SCMsas
Value: 77c60781
ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg
.smaato.net/ Name: SCMtu
Value: 77c60781
.smaato.net/ Name: SCMs
Value: 77c60781
ads.stickyadstv.com/ Name: UID
Value: db7e229ad35eb3dc2e863163a34c1f
ads.stickyadstv.com/ Name: sessionId
Value: fb25ba180a9462cfddefa8d1bc882e4
.srv.stackadapt.com/ Name: sa-camp-214464
Value: s%3Aj%3A%7B%22campaign_id%22%3A%22214464%22%2C%22nativead_id%22%3A%22%22%2C%22domain%22%3A%22%22%2C%22timestamp%22%3A0%2C%22imp%22%3A%7B%22nativead_id%22%3A%221790735%22%2C%22domain%22%3A%22dailymail.co.uk%3A%3A156%22%2C%22timestamp%22%3A1647594761317%2C%22conversions%22%3Anull%7D%2C%22clk%22%3A%7B%22nativead_id%22%3A%22%22%2C%22domain%22%3A%22%22%2C%22timestamp%22%3A0%2C%22conversions%22%3Anull%7D%2C%22cookie_uid%22%3A%22%22%2C%22region%22%3A%22%22%2C%22auction_id%22%3A%221-5231-164759475895511090205804-1%22%2C%22imp_index%22%3A%220%22%7D.UEv4nE6UozlW4aGaBxzuBsPRyCwmpf0KlnYpAoEPbwQ
srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1048e04f-404a-4350-6509-35e0a422caef.7KaGXquIC%2BiCaiVzFH4uDm%2FKcTXA8JgZNPQZqBg5laY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AEEjgT0BKQ1BlCTXgpCLK72AJ-So.OemhHcfPkxb7LL6UT%2FfoDceEd0VUXw1VjBOec5vTEI0
.smaato.net/ Name: SCMop
Value: 77c60781
.smaato.net/ Name: SCMu
Value: 77c60781
.smaato.net/ Name: SCMtmp1001609
Value: 77c60781
.smaato.net/ Name: SCM1001609
Value: 77c60781
.smaato.net/ Name: SCMtmp1001678
Value: 77c60781
.smaato.net/ Name: SCM1001678
Value: 77c60781
.360yield.com/ Name: um
Value: !38,.nrroSOywCOXORzROc-4IbpolLqvb4r-dotRjrbAkX.UUpf.tJujEUI6fKD0xWXm1qmKC0uf,1655370761
ads.stickyadstv.com/ Name: uid-bp-23409
Value: 44d4c453-ace4-46a0-90ec-1fe9d476bfd4
.brand-display.com/ Name: _knxq_
Value: 4fded1f0-ea7c-a79b-7689d01c.1647594754.3.1647594762.1647594754
.justpremium.com/ Name: jpxumatched
Value: ox
.justpremium.com/ Name: jpxumaster
Value: um-e4bb4c28-1330-4883-84c1-516be92988ef-1647594762
.sundaysky.com/ Name: sskyu
Value: d6.26d8a320d90f49a8804d4b797198f7e6
.sundaysky.com/ Name: sskyCreationTime
Value: 1647594762783
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22112%22%3A%2220220318%22%2C%22113%22%3A%2220220318%22%2C%22108%22%3A%2220220318%22%2C%22141%22%3A%2220220318%22%2C%22110%22%3A%2220220318%22%7D
.mrpdata.net/ Name: U
Value: 4772a281-54c2-ed27-4e45-ed436fda250f
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1crg|8gU.0.cd1a1122-b2b7-463b-8eb5-34edcd0f9eea
.contextweb.com/ Name: V
Value: 0b9r5uPyhAf7
.hybrid.ai/ Name: vid
Value: 9ddb4a18436a2667174f
.scorecardresearch.com/ Name: UID
Value: 1DEa25785db4e3de5e15e141647594762
adservices.brandcdn.com/ Name: brandcdn_uid
Value: 09a7be08-91dd-4f04-a167-a1ac372be137
.gammaplatform.com/ Name: _aCMP_31
Value: 1
.gammaplatform.com/ Name: _aCMP_35
Value: 1
.gammaplatform.com/ Name: _aCMP_5
Value: 1
.gammaplatform.com/ Name: _aCMP_53
Value: 1
.gammaplatform.com/ Name: _aCMP_7
Value: 1
.gammaplatform.com/ Name: _aCMS_3
Value: 1
.gammaplatform.com/ Name: _aGeoIp
Value: TH|Phichit
adservices.brandcdn.com/ Name: AWSALBCORS
Value: roVHEicK49j/ajEMTVKcC6OlaR1O8IXuT0sjlm+CEmL1ga2ddeWWkDXxK+JhilEmiYMsAbC5y5uR2KkJgNWqrtU2vF69s21hXmMB57g7AVIzZouurdZ1N4Lb40pU
.sundaysky.com/ Name: sskya
Value: "e294Ont0czoiMzhvcGw3Iix0OiJuaSJ9fQ=="
.mrpdata.net/ Name: DNT
Value: 00000000-0000-0000-0000-000000000000
.gammaplatform.com/ Name: _aUID
Value: 1ns2u6976x5o
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBP2cJTEmmmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT9nCUxJpo90aGlyZFBhcnR5VXNlcklkIfuBMjL6QiSsQyUBP2cJTQ+aRCUBP2cJTQ+aRWM0NmE4MmNmMS03YmE5LTQ0NGEtOWM5Yy1mNjc4ZDRiM2EwYjX7gDj6QtBDJQE/ZwlPNpREJQE/ZwlPNpRFIfv7hnZlcnNpb27C+w=="
.tribalfusion.com/ Name: ANON_ID
Value: aFnwvQrZcAQ8BqEr73MtraVIqEEWMNxNZaXC8kyJw2limlUJPuQoJYXtZcXIZaLD5nexsZbQpq609GoH8jQiCCbXV78CDbwsZdxU8PNLWRqnCPvhkdwrZdV6V6TdVj8
.quantserve.com/ Name: d
Value: EP0BKQHYJfijCJiTCuu4EL7iDtqNEMzxAA
.w55c.net/ Name: matchtriplelift
Value: 5
.mookie1.com/ Name: id
Value: 10616532434342100225
.mookie1.com/ Name: mdata
Value: 1|10616532434342100225|1647594764412
.mookie1.com/ Name: ov
Value: 63e1ef71987a71cfe9f31e2c6a338b9b
.sportradarserving.com/ Name: zuuid
Value: 2ecac175-e4bb-473b-839d-2f57283fa661
.sportradarserving.com/ Name: c
Value: 1647594764
.sportradarserving.com/ Name: zuuid_lu
Value: 1647594764
.pubmatic.com/ Name: PugT
Value: 1647594764
.agkn.com/ Name: ab
Value: 0001%3AFqKlxbIBy7QEDtnr5ivhv4Q2r%2BGrtk3WErSY3cd3%2BIss%2BULLWLxZdw%3D%3D
.rlcdn.com/ Name: rlas3
Value: BcHW6blLyz/KKze4uJ+HptGqp+W4D/xECVJFSVV1cn8=
.rlcdn.com/ Name: pxrc
Value: CP2Z0ZEGEgUI6AcQABIFCOhHEAASBgi16gEQDxIGCLrqARAEEgYIuOsBEAMSBgjX3SoQDg==
.s.thebrighttag.com/ Name: bt3
Value: G3dDELmD0myBxBld_EihWCMV7jRS9ek1g0DfgQDfWdjoG7MubsdbYczp5-J0r6sr
.s.thebrighttag.com/ Name: btv3.0WCbX0j
Value: LGTHajyW1CHVL6-yLkUokbWtYLH68R6O7ISpReU3mn3PAeT4Cndh85XQa3zYMuSa
.reson8.com/ Name: RCID2
Value: E9FE735D19F4126ECDC057FCB7E06400
.smartadserver.com/ Name: csync
Value: 79:k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug|94:YjRM-gAN66WnSAAy|127:AAGn007EaJoAAAyap1piaQ
.mookie1.com/ Name: syncdata_TAP
Value: 1
.addthis.com/ Name: ouid
Value: 62344d0c00013efd87f5e875cc4833f8fdc1d100fda20871e51f
.addthis.com/ Name: uid
Value: 62344d0c1e014baf
.addthis.com/ Name: na_id
Value: 2022031809124473300697720796
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1647594764
.thrtle.com/ Name: mc
Value: eyJpZCI6ImEyNjAzY2MwLTBjOTktNDVkNy1hNTMwLWNmNzEzMDc0MDRlOCIsImwiOjE2NDc1OTQ3NjQ3NzIsInQiOjF9
ads.stickyadstv.com/ Name: uid-bp-45
Value: YjRM-gAN66WnSAAy
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!1857-2!1857-3!1857
.eyeota.net/ Name: mako_uid
Value: 17f9c4cf9f8-2b140000010a429b
.eyeota.net/ Name: SERVERID
Value: 17051~DM
.tremorhub.com/ Name: tv_UITM
Value: YjRM-gAN66WnSAAy
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAANvFyGtoZmJuagnEJsbG5r8QfDMTA2OTRawCkVlBvrrpjn5mZuF5wY6OlatYkZRYGBu-EkMYYWxhaQAA99gAYFMAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAFvFKBCZFeSrm-7oZ2YWnhfs6FgJAFl1xqATAAAA
.fwmrm.net/ Name: _uid
Value: "e5b13_7076365628441686317"
.mookie1.com/ Name: syncdata_NEU
Value: 1
.realestate.com.au/ Name: mid
Value: 1360812636257805246
.twitter.com/ Name: personalization_id
Value: "v1_3xkgG4497m1tzsZhhjrORw=="
.agkn.com/ Name: u
Value: C|0CAAAAAAAKccJjAAAAAABAREmAAAAAA
.t.tailtarget.com/ Name: u
Value: fwAAAWI0TQyjRAcJAxJAAgB=
.t.tailtarget.com/ Name: _ssc
Value: y
.adnxs.com/ Name: anj
Value: dTM7k!M4/YD>[gVF']wIg2Ilht>o5i!dqrPYw6_UFiQ-4PMp-v=0BzCfF*AZiIl$k7B8D:^z:90k$@Nc(j'$2kDbVE$`nLw<Jpft(=Cl>[VUv#R@mAatqHzCI+5Rh<n7fF()8@AS:[dkJea1QgbeT/5DrxB$lKxz[@y)fhatph3rEPt`Iz%x)dof)GlR<><$57kUau)tVBMtF_'=):_#7n<3Q)^j<n@o#=k$S><`P3I3k>``O)U>rf?1a6(n5=z5HCuJ4uapn4/F!x5HD)O4>:l3W0?mp:=IUT(2W!pn`:yy22+6#<7gRp0t!NZ3I?*sZ0*a>
.tidaltv.com/ Name: tidal_ttid
Value: 53845701-5679-42cb-af55-faf54af017af
ads.stickyadstv.com/ Name: uid-bp-36033
Value: e5b13_7076365628441686317
ads.stickyadstv.com/ Name: MRM_UID
Value: e5b13_7076365628441686317
.realestate.com.au/ Name: External
Value: %2FTRIPLELIFT%3D2230631680262455077259%2F_EXP%3D1679130764%2F_exp%3D1679130765
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: fsjh2rjds20nofoptyxjxw4f
.moveinc.demdex.net/ Name: moveinc
Value: 73036983126550283923672921214654110234
ads.stickyadstv.com/ Name: uid-bp-892
Value: f67a371d-f285-4ca2-be6f-f2af79502cb4
.casalemedia.com/ Name: CMST
Value: YjRM-mI0TQ0A
.casalemedia.com/ Name: CMRUM3
Value: ce62344d0105a0&5862344d0d2760YjRM-gAN66WnSAAy&2d62344d0005a0CAESEBctLpH6ScpLeSvtkdpucO0&0462344d0227603142368608644553920&da62344d0b2760&0d62344d0c2760076e2204075d403fca6659f0&0862344d022760bb5f0cf8-aaf0-4fc9-afe4-c1ca891d343f&1a62344d04276062735321-5c9e-4447-9154-96d4afc83168-tuct92dd27e&f162344cfe05a0&2e62344d0227606359460436251910749&3362344d0627607c645530-439f-430f-be08-f3bda86d545b&dd62344d0b2760&5a62344d0227605036F47B1E164C5B8C56BBC185A6E0FD&3962344d0b05a0&8362344d0c276018072662290397426830&8262344d022760AAGn007EaJoAAAyap1piaQ&1162344d0c2760hC9c_JxukxkuB_-lTGAw&2762344cff2760f67a371d-f285-4ca2-be6f-f2af79502cb4&9862344d02276043725741-ff02-4e85-a98c-5a33d68f862f&0362344cff2760a41e6234-4cfd-4600-9afd-9c92d96c3201&6962344d0405a00&9c62344d042760f4cc0b89-9ef6-4ce2-9817-71da3f16cfeb&2962344d0227608af7dc84-a69b-11ec-9692-13cc52d00862&6f62344d0227606486416200911656969&5162344d022760-mq_kvg76sPhbLuU_Dqhl_o8tJDhb-mXqW5DhYax&1462344d092760k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ&0562344d0305a00&4162344d0205a0AAAGbrSlsxWJ0gMvTjCIAAAAAAA&c362344d022760av-b376d75e-e1a2-4ad3-ad30-8eb7bbf90472&7b62344d0a05a0&2f62344d022760mXDI4agD1Nv8EU5&2862344d022760e0d60695-3cb3-4226-91f9-a35d415d8ff9&0a62344d0b2760&be62344cff27606359460436251910749&4062344d022760b16d1398-dea4-4095-89d1-65023eecd45c-62344cfe-5553&bc62344d0b05a0&4962344d0b05a0&bf62344d0200014fded1f0-ea7c-a79b-7689d01c&1f62344d022760Q7008811521702904394P&c462344cff276003030002_62344cff31ce1&e662344d0b2760&b062344d022760di_174ff51fcf874097873f0
.dailymail.co.uk/ Name: RT
Value: "z=1&dm=dailymail.co.uk&si=e3c522be-a295-44db-98e3-abd52ef923d6&ss=l0w7dahh&sl=1&tt=ipv&bcn=%2F%2F173bf10e.akstat.io%2F&ld=iql"
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEANgPZu7QG2V4JR0h1wFW9o
.dailymail.co.uk/ Name: ak_bmsc
Value: 4163E877D305D08D43450B2F38B62854~000000000000000000000000000000~YAAQD+4hFxwUHGV/AQAAC/1MnA/rqYh8CY654J1dCqcTE49BP1Ky2eVBQ+RCcU+yFZzH0z3PpHWZMQmx5V5nglo0ZjPZlgbnmrxQFR60vAfJOl3OUAR50zbA+bkA0e+cjxV4DM+5zzYl0xBWMhRhjQyW+rPaBhs7ECin1SD4I0MgkBcWDnhvnX6Jdo3ugLJd2ohN0FZfvm+tsCnuX1YjVNcPIfXM/5XhdU6EJPMd6+WtpeEM5E4msIurxG2ySJ7m5ZjGrGJJov/7pu2f/u8TRgguuNC8NFhL9RCV8z+7LTOgK7taoS6YExmgZk4McVjbAn6FYrc2zcy1/HldjeOURLcaMAnjjnJOAfsox5BA6CWZ9Zie+t2OCVAPtCJndAEw4BygnbSd5u8AErJ5R3wlYepij+yG7ag/po1Y8j5c4os=
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAGn007EaJoAAAyap1piaQ
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-X4NHBfVE2oOc0Qs48lc8tR_vBZcSMk19478JQJzP~A
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: kr4iuoeqfiyjp2xygskukhph
.w55c.net/ Name: matchfreewheel
Value: 5
.adsniper.ru/ Name: uuid3
Value: IiQ5MzE5ZDY3ZS1hNjliLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
ads.stickyadstv.com/ Name: uid-bp-23329
Value: mXDI4agD1Nv8EU5
.go.sonobi.com/ Name: __uis
Value: 34b7d6cc-17db-48b2-b4e5-670609a4629f
.adgrx.com/ Name: ADGRX_CM_FREEWHEEL_BRIDGED
Value: 1
ads.stickyadstv.com/ Name: uid-bp-22945
Value: 8af7dc84-a69b-11ec-9692-13cc52d00862
www.dailymail.co.uk/ Name: ruid
Value: %7B%22ted.dailymail.co.uk%22%3A%7B%22chid%22%3A%22l0w7dfji-43itlfxk0ky-mtni0xc8qni%22%2C%22l%22%3A%222g1%3A1647561600000%3A19818406627%22%2C%22__mou%22%3A%228017671124%3Adirect%3A1647594747802%3Agck7c%3A1%22%2C%22__mov%22%3A%2219818406627.direct%5Earticle%5Enews%5E.1.1647594747802.1647594747802%22%2C%22v%22%3A0.58%2C%22phid%22%3A%22view-l0w7dfji-43itlfxk0ky-mtni0xc8qni%22%7D%2C%22t.dailymail.co.uk%22%3A%7B%22chid%22%3A%22l0w7dfji-43itlfxk0ky-mtni0xc8qni%22%2C%22l%22%3A%222g1%3A1647561600000%3A43875522204%22%2C%22__mou%22%3A%2223671177362%3Adirect%3A1647594747800%3Agck7c%3A1%22%2C%22__mov%22%3A%2243875522204.direct%5Earticle%5Enews%5E.1.1647594747800.1647594747800%22%2C%22v%22%3A0.58%2C%22phid%22%3A%22view-l0w7dfji-43itlfxk0ky-mtni0xc8qni%22%7D%2C%22v%22%3A0.58%2C%22%2F%22%3A%7B%22dd%22%3A20908%7D%7D
ads.stickyadstv.com/ Name: uid-bp-951
Value: 6359460436251910749
.dailymail.co.uk/ Name: bm_sv
Value: D1EB30BF1DEDC50705A297524E783671~DgTmDCXhqkE51Zcsnzr/TrwdyX7WEm/97asRSEyeJvVDFnCXiVXqO7LKBogZdGMwu15xFXFz3zoT4xeqTkGaGnJOrWw5jIrjKeSF6KBsND5y9i1pUNOcknm4Y5SDXJOTF3V8H62ku7wPrYKjZDzwFGCQGJVNTGxlPrvidW+nvEQ=
.ib.mookie1.com/ Name: ibkukiuno
Value: s=d9528ed7-8a96-434d-9172-694ae45de183&h=&v=277475573&l=-8585540121189760182&op=&hl=0&vlu=3&tcs=1&dcc=-8585540121196673243
.ib.mookie1.com/ Name: ibkukinet
Value: 1611266346=-8585540121189760182&1611266346=-8585540121189760182
ads.stickyadstv.com/ Name: uid-bp-25746
Value: 8a1de752-a69b-11ec-92c5-fb53764b0872
.bumlam.com/ Name: suuid3
Value: IiQ5MzE5ZDY3ZS1hNjliLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
ads.stickyadstv.com/ Name: uid-bp-529
Value: a41e6234-4cfd-4600-9afd-9c92d96c3201
.everesttech.net/ Name: ev_sync_enc
Value: MjAyMjAzMTg_Mzo6MzB8Njo6MzA
.tidaltv.com/ Name: sync-his
Value: H4sIAAAAAAAAADM0NjAzsDI0ttQ1NDUHADc+IYwNAAAA
.mathtag.com/ Name: mt_mop
Value: 9:1647594766
.w55c.net/ Name: matchrubicon
Value: 5
.aidata.io/ Name: __upin
Value: ivgw/ixEoHRGm7CNnxTugQ
.aidata.io/ Name: __upints
Value: 1647594767
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-07394370-7cd4-4c12-a40b-b3d6434dcf48-005%22%2C%22nxtrdr%22%3Afalse%7D
.sniperlog.ru/ Name: guid
Value: 57D2F83F6A91BB03
.tns-counter.ru/ Name: guid
Value: 0A556A2262344D11X1647594769
.mgid.com/ Name: muidn
Value: m2iNjfzU8hc2
.mgid.com/ Name: __cf_bm
Value: 7qIfXtCEQ61tVqIdKAtLBVM.V3kt4YhWUmcOW45ObEo-1647594769-0-AYDw2EEqCo4woDV3aXzhxJf9Y/e4/dIRIF62GwK+7DlMijQ6vEcDkpXIiIVL0aAmcMHC4dMH4t0Dw52NMXMgzSQ=
cm.mgid.com/ Name: mg_sync
Value: {"433145":1647594769}
.analytics.yahoo.com/ Name: IDSYNC
Value: "195y~23tl:18y3~23tl:18z8~23tl:1769~23tl:1776~23tl:187s~23tl:18za~23tl:192i~23tl:175w~23tl:195x~23tl:18zh~23tl:194o~23tl"
.dotomi.com/ Name: DotomiTest
Value: 2605685dca9121c
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bFhahjRQZ9solYvo2XO8wv+z0QnGM0pmGS5MWzHmrqhpBAxlVJyr7D6iUmxyR7tVObBVHyECOircefkQLK2IxoK7D/nwqnngogfF95tcxSvWQ==
.onetag-sys.com/ Name: OTP
Value: BeshIGWvkjMZml0nAWVCip0hrE0Bz2b96he7XU8XPa4
ads.avct.cloud/ Name: uuid
Value: 758cadc7-c8d4-4002-9260-448ab8a6aeda
.betweendigital.com/ Name: ut
Value: YjRNEgANG3ipqyDV1qlTa_Jpjt8VKocirPNhzw==
.go.sonobi.com/ Name: HAPLB8S
Value: s8559|YjRND
.yandex.ru/ Name: yuidss
Value: 8024653521647594771
.yandex.ru/ Name: yandexuid
Value: 8024653521647594771
.mfadsrvr.com/ Name: ssh
Value: !taboola,1647594772!the33across,1647594753!triplelift,1647594753!bidswitch,1647594752
.adx.opera.com/ Name: UID
Value: 26fd318dc08e4665ac37e9af15e43df0
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI_sCN6q6yxDoQBRIXCghwdWJtYXRpYxILCO65qPaussQ6EAUSFgoHc3Z4OXQ1MBILCNqHzIGvssQ6EAUSFAoFdGFwYWQSCwjgjsuHr7LEOhAFEhYKB3J1Ymljb24SCwji8u6AsLLEOhAFGAEgASgCMgsI_JTN6cayxDoQBTgBWgVzcG90eGAC
.spotxchange.com/ Name: sl
Value: eyJnIjpmYWxzZSwicyI6InB1Yl83MTQ1MSIsInNwIjo1LCJpIjp0cnVlLCJscCI6NzMwOCwiZ2NzIjoiIiwicGwiOltdLCJzaWQiOiI5NzJjNmYzZS1hNjliLTExZWMtYjRjNS0xM2M5NjhiNDAzMDMiLCJzb2wiOjUsInNsIjowfQ==
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0NzU5NDc1MjIyMCwiMjQiOjE2NDc1OTQ3NTQzMjUsIjMiOjE2NDc1OTQ3NTQwMTMsIjQiOjE2NDc1OTQ3NTM5NjMsIjI2IjoxNjQ3NTk0NzY0MTM5LCIxNyI6MTY0NzU5NDc1MzY0NywiMzkiOjE2NDc1OTQ3NTM5NjMsIjciOjE2NDc1OTQ3NTQwMTMsIjI5IjoxNjQ3NTk0NzczNzYwLCI2MCI6MTY0NzU5NDc1NDAxMywiNDEiOjE2NDc1OTQ3NTEwNjgsIjY0IjoxNjQ3NTk0NzY2MTYwfQ

326 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security error URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Message:
Blocked script execution in 'https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security error URL: https://sync.bfmio.com/syncb?pid=137
Message:
Blocked script execution in 'https://sync.bfmio.com/syncb?pid=137' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6359460436251910749&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Message:
Blocked script execution in 'https://eus.rubiconproject.com/usync.html?p=gumgum' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security error URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Message:
Blocked script execution in 'https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security error URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Message:
Blocked script execution in 'https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security error URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Message:
Blocked script execution in 'https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security error URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Message:
Blocked script execution in 'https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
other warning URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://id5-sync.com/c/167/429/3/7.gif?puid=B93E2E12-AA9E-4220-8310-B08598FC53B9&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
other warning URL: https://reflex.imds-cdn.com/vpaid/vpaid.1.0.6.js(Line 8)
Message:
Unrecognized feature: 'ambient-light-sensor'.
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-z8q2sEGT4kezq8EuDAunv3pfPRqns-nU6EgHQA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-d3FZKkGT4kezq8EuDAunv3pfPRq5XNz5Ix1bRw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NzkmdGw9NDMyMDA=&piggybackCookie=uid:k-W2Q7nEGT4kezq8EuDAunv3pfPRqESOLKXNaLow
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1uTwNEGT4kezq8EuDAunv3pfPRrY-QnF3MGRmg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-B4LUGkGT4kezq8EuDAunv3pfPRo44OKT8XM5jg&redirectId=69
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iKP_HUGT4kezq8EuDAunv3pfPRpvzlwxfGd7zQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pFqVlkGT4kezq8EuDAunv3pfPRqyYnzqir9org
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-GNZgXUGT4kezq8EuDAunv3pfPRq4ZXA56gy7bg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Fg2-jUGT4kezq8EuDAunv3pfPRr1ipoYbV1xAQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-c5KchUGT4kezq8EuDAunv3pfPRr2IzN1U3852A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zdelgEGT4kezq8EuDAunv3pfPRq-PbqpkG-eHw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mM-SBUGT4kezq8EuDAunv3pfPRoazg16yw4GLQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-6Uzp8kGT4kezq8EuDAunv3pfPRpvLEuPSj0piQ&_origin=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-PPKehEGT4kezq8EuDAunv3pfPRpVdjDwCf4hig
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-IoVFwkGT4kezq8EuDAunv3pfPRpg9cR2WcEzJw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KulrB0GT4kezq8EuDAunv3pfPRpilBCotampsA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Vy5AsEGT4kezq8EuDAunv3pfPRrP3ngZRbOYeg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-emO310GT4kezq8EuDAunv3pfPRp-D7J2U91oIg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-lLhvi0GT4kezq8EuDAunv3pfPRqlc1TOmLDxlA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qbISf0GT4kezq8EuDAunv3pfPRoi637WZepBfQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qm0dB0GT4kezq8EuDAunv3pfPRrNgNd6owMmkw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6zbMz0GT4kezq8EuDAunv3pfPRq2zXoVQIakug
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438726
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
javascript warning URL: https://z.moatads.com/stackadaptdisplay515602019759/moatad.js(Line 134)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=44d4c453-ace4-46a0-90ec-1fe9d476bfd4&redirectId=2257
Message:
Failed to load resource: the server responded with a status of 504 (Gateway Time-out)
network error URL: https://adtag.primetime.adobe.com/adserver/trackdmgr?dmgr_db=nl&pid=tbmg&random=-1389049342319734444&tmid=YjRM-gAN66WnSAAy
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cs.vdopia.com/bid?advid=1583&bcid=YjRM-gAN66WnSAAy
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sp.adbrn.com/match?syncid=tm1_937bae71-f265-478e-b2b5-dccb199ad9e9&cid=YjRM-gAN66WnSAAy
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sy.eu.angsrvr.com/sync?type=host&dsp=11&dspuuid=YjRM-gAN66WnSAAy
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://msec.xp1.ru4.com/cx?_i=52583729&_u=YjRM-gAN66WnSAAy
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=a41e6234-4cfd-4600-9afd-9c92d96c3201&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security error URL: about:srcdoc
Message:
Refused to execute script from 'https://rtd-tm.everesttech.net/upi/pid/1491?gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadobe-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BTM_USER_ID%7D%26orig%3Dvideo%26us_privacy%3D1---' because its MIME type ('image/png') is not executable.
security error URL: about:srcdoc
Message:
Refused to execute script from 'https://rtd-tm.everesttech.net/upi/pid/1491?gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadobe-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BTM_USER_ID%7D%26orig%3Dvideo%26us_privacy%3D1---' because its MIME type ('image/png') is not executable.
security error URL: about:srcdoc
Message:
Refused to execute script from 'https://rtd-tm.everesttech.net/upi/pid/1491?gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadobe-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BTM_USER_ID%7D%26orig%3Dvideo%26us_privacy%3D1---' because its MIME type ('image/png') is not executable.
network error URL: https://m7hdh-2damu.ads.tremorhub.com/ad/tag?adCode=m7hdh-eqad5&playerWidth=401&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&supplyCode=m7hdh-2damu&transactionId=54738035-f2f7-40e9-8fd2-cedec1308834&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-2187999%2FWill-148m-EuroMillions-jackpot-winner-share-fortune-long-lost-half-brother-met.html&hb=1&fmt=json
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
173bf10e.akstat.io
538e59019275b34e753138c74e138fba.safeframe.googlesyndication.com
5d0b6.v.fwmrm.net
5f42864d-a421-4f37-9478-00266f871d68.edge.permutive.app
6f34471c3a779622f9cd63d182eff7ca.safeframe.googlesyndication.com
8fd2e28fe96f82e59dba3b81302648d7.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad-delivery.net
ad-resources.brandcdn.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
adpone-d.openx.net
ads.adaptv.advertising.com
ads.avct.cloud
ads.betweendigital.com
ads.brandcdn.com
ads.playground.xyz
ads.pubmatic.com
ads.scorecardresearch.com
ads.stickyadstv.com
ads.us.criteo.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
adservices.brandcdn.com
adtag.primetime.adobe.com
adx.adform.net
amazon-tam-match.dotomi.com
an.yandex.ru
analytics.twitter.com
analyticssystems.net
ap.lijit.com
api.bounceexchange.com
api.btloader.com
api.permutive.com
api.rlcdn.com
as-sec.casalemedia.com
asf-tm.everesttech.net
assets.bounceexchange.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-iad2.rubiconproject.com
beacon-nf.rubiconproject.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bpi.rtactivate.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.go-mpulse.net
c1.adform.net
c2shb.ssp.yahoo.com
ca14d8e678656b6cdd512ceb2cc8c869.safeframe.googlesyndication.com
cache.betweendigital.com
casale-match.dotomi.com
cat.va.us.criteo.com
cdn.adnxs.com
cdn.ampproject.org
cdn.districtm.io
cdn.id5-sync.com
cdn.includemodal.com
cdn.jsdelivr.net
cdn.mediago.io
cdn.navdmp.com
cdn.permutive.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
choices.trustarc.com
choices.truste.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cm.smadex.com
cm.t.tailtarget.com
cmp.dmgmediaprivacy.co.uk
cms-xch-chicago.33across.com
cms-xch.33across.com
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
contango-cdn.technoratimedia.com
context.iris.tv
contextual.media.net
core.iprom.net
crb.kargo.com
crcdn01.adnxs-simple.com
creative.stackadapt.com
creativecdn.com
criteo-sync.teads.tv
crta.dailymail.co.uk
cs.emxdgt.com
cs.vdopia.com
csi.gstatic.com
csm.us.criteo.net
csync.loopme.me
cw.addthis.com
d.adroll.com
d.agkn.com
d.turn.com
d16c6244c2ad75e061f5544670defd81.safeframe.googlesyndication.com
d2cli4kgl5uxre.cloudfront.net
d32f0839ed8fb22a001e9b46eba6b0f7.safeframe.googlesyndication.com
data.cdnbasket.net
de.tynt.com
dis.criteo.com
dm-us.hybrid.ai
dmp.adform.net
dmp.brand-display.com
dp1.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
east.srv.stackadapt.com
eb2.3lift.com
eu-u.openx.net
euasync01.admantx.com
eus.rubiconproject.com
event.clientgear.com
events.bouncex.net
evm2.stackadapt.com
exchange.mediavine.com
eybp7saaaiaqijqacqnqaeyaabrditin-pnblkx-889d4ed95-clienttons-s.akamaihd.net
fastlane.rubiconproject.com
fff.dailymail.co.uk
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
geo.moatads.com
global.ib-ibi.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlesync.permutive.com
gsm-adverts.betstream.betgenius.com
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hb.adpone.com
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
hulkprod.anm.co.uk
i.clean.gg
i.dailymail.co.uk
i.liadm.com
i.w55c.net
ib.3lift.com
ib.adnxs.com
ib.mookie1.com
id.rlcdn.com
id.sharedid.org
id.sv.rkdms.com
id5-sync.com
idr.cdnwidget.com
ids.cdnwidget.com
idsync.reson8.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprchmp.taboola.com
imprnjmp.taboola.com
inv-nets.admixer.net
io.narrative.io
j.mrpdata.net
js-sec.casalemedia.com
js-sec.indexww.com
klkstrm.kargo.com
krk.kargo.com
loadm.exelator.com
m.dlx.addthis.com
m.fg8dgt.com
m7hdh-2damu.ads.tremorhub.com
mae7skvygojjeyrujuhq-pnblkx-aa4ddf5f7-clientnsv4-s.akamaihd.net
mailonline-us-d.openx.net
map.go.affec.tv
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.ivitrack.com
matching.truffle.bid
mb.moatads.com
mid.rkdms.com
moveinc.demdex.net
msec.xp1.ru4.com
mug.criteo.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
navdmp.com
nep.advangelists.com
nym1-ib.adnxs.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
openx-ums.acuityplatform.com
openx.adhaven.com
openx2-match.dotomi.com
ovp.iris.tv
oxp.mxptint.net
p.adsymptotic.com
p.rfihub.com
page.cdnbasket.net
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pippio.com
pips.taboola.com
pix.us.criteo.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playtime-tm.everesttech.net
playtime.tubemogul.com
pm.w55c.net
pmp.mxptint.net
post.update.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.adnxs.com
prg.smartadserver.com
protect-us.mimecast.com
ps.eyeota.net
pubads.g.doubleclick.net
public-prod-dspcookiematching.dmxleo.com
pubmatic-match.dotomi.com
px.adhigh.net
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
r.bidswitch.net
r.casalemedia.com
r3---sn-ab5l6nzd.c.2mdn.net
r4---sn-ab5sznze.c.2mdn.net
r5---sn-ab5l6nzr.c.2mdn.net
reflex.imds-cdn.com
rta2.newzit.com
rtb-csync.smartadserver.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtd-tm.everesttech.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.cpx.to
s.go-mpulse.net
s.thebrighttag.com
s.tribalfusion.com
s0.2mdn.net
s3-eu-west-1.amazonaws.com
sasinator.realestate.com.au
scripts.dailymail.co.uk
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
secured.dailymail.co.uk
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sp.adbrn.com
sp.analytics.yahoo.com
spl.zeotap.com
sportradarserving.com
srv.stackadapt.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssl.connextra.com
ssp.behave.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stackadaptdisplay515602019759.s.moatpixel.com
stackadaptdisplayhourly515602019759.s.moatpixel.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
statsf-tm.everesttech.net
storage.cloud.kargo.com
sy.eu.angsrvr.com
sync-amz.ads.yieldmo.com
sync-criteo.ads.yieldmo.com
sync-jp.im-apps.net
sync-pp.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bfmio.com
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.extend.tv
sync.go.sonobi.com
sync.hgrtb.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.resetdigital.co
sync.search.spotxchange.com
sync.smartadserver.com
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
t.dailymail.co.uk
taboola-supply-partners.tremorhub.com
tag.1rx.io
tag.bounceexchange.com
tags.bluekai.com
tags.srv.stackadapt.com
tapestry.tapad.com
ted.dailymail.co.uk
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
trc-events.taboola.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
triplelift-match.dotomi.com
tubemogul-sync.dotomi.com
u.openx.net
uat-net.technoratimedia.com
uipglob.semasio.net
uipus.semasio.net
uk-script.dotmetrics.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-match.taboola.com
us-u.openx.net
us-vid-events.taboola.com
us-wf.taboola.com
usermatch.krxd.net
usersync.gumgum.com
usr.undertone.com
vae-bid.adsrvr.org
vid-io-cle.springserve.com
vid.springserve.com
video.dailymail.co.uk
vidstat.taboola.com
view.cdnbasket.net
visitor.fiftyt.com
visitor.omnitagjs.com
vop.sundaysky.com
vpaid.springserve.com
wf.taboola.com
widget.perfectmarket.com
widget.va.us.criteo.com
windaloop.com
www.dailymail.co.uk
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.newzit.com
www.storygize.net
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
z-na.amazon-adsystem.com
z.moatads.com
aax-us-east.amazon-adsystem.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
adtag.primetime.adobe.com
analyticssystems.net
c.bing.com
contextual.media.net
criteo-sync.teads.tv
crta.dailymail.co.uk
cs.vdopia.com
csi.gstatic.com
eb2.3lift.com
exchange.mediavine.com
fls-na.amazon-adsystem.com
i.liadm.com
id5-sync.com
match.sharethrough.com
matching.ivitrack.com
msec.xp1.ru4.com
pagead2.googlesyndication.com
pixel.advertising.com
public-prod-dspcookiematching.dmxleo.com
px.moatads.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
simage2.pubmatic.com
sp.adbrn.com
sp.analytics.yahoo.com
sy.eu.angsrvr.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
us-wf.taboola.com
visitor.omnitagjs.com
www.dailymail.co.uk
x.bidswitch.net
100.25.235.110
104.107.15.75
104.107.5.93
104.16.190.66
104.18.20.134
104.18.98.194
104.19.135.78
104.19.150.54
104.244.42.131
104.36.115.109
104.36.115.111
104.36.115.114
104.45.178.220
104.81.133.133
107.178.246.49
107.178.254.65
107.23.24.80
107.23.25.6
124.146.215.46
13.225.214.19
13.225.214.37
13.225.214.90
13.225.71.16
13.225.71.24
13.225.71.63
13.226.26.122
13.226.26.38
13.57.144.122
130.211.23.194
132.226.41.106
138.201.65.74
141.226.124.48
141.226.224.32
141.226.224.48
142.250.80.66
142.251.35.162
142.251.35.166
142.251.40.130
142.251.41.2
151.101.1.108
151.101.1.44
151.101.129.44
151.101.130.49
151.101.193.108
151.101.193.44
151.101.194.133
151.101.65.108
151.101.66.49
152.199.4.100
152.199.5.184
159.65.197.210
162.248.18.10
169.61.103.241
172.105.232.22
172.253.122.155
173.223.237.164
173.223.56.11
173.231.178.82
18.116.233.102
18.204.190.178
18.207.27.64
18.210.194.11
18.214.50.46
18.214.54.11
18.214.97.110
184.51.146.146
185.167.164.37
185.184.8.65
185.31.113.18
192.132.33.46
192.35.249.120
192.35.249.123
193.232.148.142
195.244.31.11
195.5.165.20
198.148.27.139
199.127.204.142
199.127.204.162
199.187.193.130
199.187.193.166
199.187.193.177
199.187.193.182
199.187.193.185
199.250.166.129
199.38.167.131
20.72.149.136
2001:4860:4802:32::3
2001:4998:14:800::1001
2001:6d0:4001::226
204.2.255.232
204.2.255.233
204.62.13.72
205.139.111.113
207.198.113.176
209.54.177.54
213.19.162.80
216.200.232.249
23.111.200.118
23.209.184.224
23.215.130.90
23.52.160.7
23.52.161.180
23.52.162.21
23.52.163.40
23.52.164.177
23.52.167.40
23.52.167.93
23.64.103.192
23.64.109.57
23.88.75.186
2600:1400:d:587::16c2
2600:1400:d::1721:ee22
2600:141b:13::172f:91c3
2600:141b:13::17d7:82da
2600:141b:13:a80::16c2
2600:141b:13:a88::16c2
2600:141b:13:a93::11ae
2600:141b:13:a9c::11a6
2600:1f18:1c96:4102:49f3:ecb9:1797:d45
2600:1f18:4e9:5a02:12e1:5652:a2dc:bd68
2600:1f18:612b:4200:b54f:a79a:adff:b87e
2600:1f18:612b:4216:4bb:825e:5e5f:d97a
2600:1f18:6593:f608:75dc:ec20:a692:551
2600:9000:210b:2400:3:1de0:d400:93a1
2600:9000:210b:c000:15:d134:4e40:93a1
2600:9000:21da:3400:19:fc2c:a140:93a1
2600:9000:21dd:2c00:15:6f6c:b180:93a1
2600:9000:21dd:bc00:6:44e3:f8c0:93a1
2600:9000:21ea:6e00:1a:609a:6780:93a1
2600:9000:21ea:8400:1b:5138:8a40:93a1
2600:9000:21ea:a400:11:9be7:da80:93a1
2602:803:c002:200::43
2602:803:c002:200::44
2606:4700:10::ac43:db6
2606:4700:20::681a:346
2606:4700:20::681a:ad1
2606:4700:20::ac43:4686
2606:4700:20::ac43:49e4
2606:4700:3030::6815:251b
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6810:ff3
2606:4700::6812:451
2606:4700::6812:d05
2606:ae80:1451:19::1400
2607:f8b0:4004:c09::9b
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::2001
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::200e
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2001
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2006
2607:f8b0:4006:823::2008
2607:f8b0:4006:9::9
2607:f8b0:401e:29::b
2607:f8b0:401e:2b::9
2620:100:a001::12
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:2d66:77a6:9085:a5fa
2620:1ec:21::14
2620:1ec:c11::200
2a01:578:3::36d9:fa7e
2a02:6b8::90
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.127.110.139
3.131.9.254
3.136.40.59
3.15.109.176
3.217.244.219
3.217.99.187
3.218.13.135
3.224.73.153
3.233.247.233
3.33.220.150
3.95.145.149
31.172.81.158
31.172.81.159
31.172.81.160
34.102.146.192
34.102.163.6
34.102.185.99
34.102.253.54
34.107.191.194
34.107.254.252
34.111.151.213
34.111.8.32
34.117.239.71
34.120.135.53
34.120.155.137
34.120.253.250
34.149.130.207
34.149.20.76
34.192.138.137
34.193.254.175
34.198.166.14
34.200.63.26
34.203.0.170
34.226.161.152
34.231.116.207
34.233.8.71
34.235.240.223
34.239.97.35
34.95.69.49
34.96.105.8
34.98.64.218
34.98.72.95
35.168.210.194
35.171.137.144
35.186.253.211
35.190.60.146
35.190.65.91
35.190.90.30
35.201.69.19
35.201.69.52
35.201.96.126
35.207.10.239
35.207.24.140
35.208.249.213
35.211.118.13
35.211.141.197
35.211.178.172
35.244.216.234
35.75.69.76
37.157.3.30
37.18.24.16
38.27.122.126
38.91.45.7
44.196.51.251
44.198.213.18
44.199.37.161
44.200.208.73
44.235.55.208
45.35.192.162
46.105.202.126
47.252.78.131
5.161.54.172
50.57.31.206
51.178.20.140
51.195.5.234
51.210.112.236
51.222.39.185
52.0.156.250
52.0.166.156
52.0.59.237
52.1.82.123
52.10.19.115
52.2.129.173
52.20.86.11
52.200.129.142
52.203.231.132
52.206.228.228
52.21.17.234
52.21.37.25
52.211.48.15
52.218.62.43
52.220.229.2
52.223.22.214
52.4.194.209
52.4.33.45
52.46.145.177
52.54.188.195
52.70.74.97
52.73.93.37
52.94.222.140
52.94.233.131
54.153.172.152
54.156.26.12
54.164.126.90
54.166.244.71
54.175.87.114
54.192.160.42
54.205.170.190
54.227.147.124
54.230.161.118
54.230.162.14
54.230.162.25
54.230.162.71
54.230.162.99
54.235.111.4
54.236.195.76
54.80.152.36
54.86.107.88
54.86.196.175
54.88.131.185
63.251.114.182
63.251.28.218
63.251.86.51
64.202.112.127
64.58.232.176
64.58.232.180
67.202.105.22
67.202.105.34
68.67.153.61
68.67.160.186
68.67.179.121
68.67.179.135
69.166.1.10
69.173.151.100
69.173.151.67
69.90.254.78
70.42.32.127
72.21.81.64
74.119.119.129
74.119.119.137
74.119.119.139
74.119.119.147
74.119.119.149
74.119.119.150
76.13.32.147
8.28.7.81
8.28.7.82
8.28.7.83
82.145.213.8
89.108.120.68
00a8f0ddc991d9e69d41d8b1864f95b18409e9f54682175687210bacc0c21549
01d2f79f76c162b708feee3892b283cb057745d1f02c6ae63e3987ec3869f392
01df9bb89d103d50b21c0170f3653236c35935b7afcf69b284aedc2f82875a69
021ba958849449cfbcb27947a769db166b62686979538f344f2733789a1199ae
03482ceb4519a7706406f47e5992b55e9e5974abd56c45af482a7e1a09d836e6
03525f6f7cf0a878f51b7d538465513c5147ae14dde6823092db6b23021b461d
03624127a6b5730f2eef60824a391fb3cc809524722d12e6b975139deebb31e6
0378c4156fe83f27c9892063eeb7f233e662a90a2631884ea5d689eefd9e8889
03f751c8f1b04cd8553e3494d5dbc7b1b8ba18ec799f68cc3d4c669dc558a4ff
04986abd648fdf8de0b4f19005c52ed7c0b90353207094d01a19ca3bcc39a73d
04c92da639b83f3954de1481055274f4dc6891364297dec15c0050a2e5c6dc13
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05937be1caa2893ee33c44a3b73e72ebcf698aba08eac45cb9220b40e4207e5a
05d0d4e2bee3bfea091b101d2a8b4be411b2a6764c390dfc04c5c84c535dae38
05dd8c14b616f46906af1a9757e72d41e1fc80df6704ea11299e6931f4ce59dd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06da08696d716d733745c2e0a1a6c1ce53d6e3f47c985fb2f874c2ff2b98c5c6
07125226eee2cdd95e8f88ab1f757731b1a779edee0b4ac8f580ee1b3d4f51e7
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
085ea1be96571c27edbecb856cefd4877992dbadfd559fd8520fb90e85c80ada
08cbadc6957dd17b23964ba5763146e595ce4be96dbbb12f297909b1f70eff25
0923d9701897ccef523a068f0f101e4316bb8d75a322907372ca26248a3b90b6
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096b99f82acc78e9b9bf7067067456063f6033830fc235afa4ed5fe69a4c19b1
09802c331b6d3cd7a86f127db16d26376b1a3506ba75921f5443b4def7414953
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a64a411d1da0ec535a786aed857892f2eefa936a9bdaf4701f14ec0482de243
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef
0ab99f09d50e00b28dc898a3af4cbbf69256375e2f52a0e677355c4d59e8c183
0acad70975b7ea0cc7142d625b0ae4e13ade8da2df16afb9fa9cbe235b10e651
0adecd403a9dae1f8bfb380cc86482a97dedc6135492b798d761117f101cc400
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b4183643ddb787e349ae83e8c841503a67b00f3acddc7055419501d31011770
0b7e7d1bedae2fca5895468c68d7a3f06c5fa573a19fbdc1ea4da51441d59458
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bf60782546bae441a6ce4783c2169777d728af37759e9805acbdaa48122cf36
0c0028f43e8a3d9e5eaa6619397af03b109c174fb343946692d6b0af4deab653
0c8b5704d9d69c1de12cc51974a0c6d684a99444a6cdfa8162b51f3e2c8fe32c
0cf312d71e52a1fc5507467e6c189cd03e0ff26d317bdbaad06fd684fdcd5fa5
0db71f2223124ef87e61e1bb035e68fcc2cf0f5a4e7462afc981eb41c8bdc4dc
0e123b30fd820eead779ec31fc1c3b5ba026cd84700ca4764f4df00ad0916d10
0e4d783eddc0e55b528ac6a31a7147aa718971c12a0e6dca3930b10f1b2b1ac6
0e5597bcbbae3eff3bbe8c37c8fbe03cc72a1a2af26abf92d933133939334516
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
0eeb085c48d45d08d4108175dd5b873f0c62591a8b8790c92935b3b2a1631f2f
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f217316c11c503be55634641f7cc8579cbceee4455faf2d6d1f6f96ca945217
0f426a5054718834a6399eaee2a5f7e0d8b43cdc1a4e13a12b298738cd5e2736
10079154e527bdf6a403e0b5ad9ac73e95ac886c5caf47e8b37b5c9147cd7d76
10556701793a010ae0ade2556870e0e92176ee5cf324e2d37f3f429a8b73a9c8
1056fe62d7d5b6fada3acaa6ec841d2fa75fa5820c8c49672154df6badf3cf0a
10935ccd353f32f84aadffaa722f00792bc3654eee4b49f1bb63373af912f26d
10a8ad9b00fe5d00c9201be5bc84290babc1daf73c4c1d226ab8245470f0a1ca
10c7ad172bba5b65ad2a597a82d126506630ba14c18384769db36026c3ec3d8e
10cab84ac191c069fe34c0c450f8b2d37e79c1b29ba8c9cfea494c8980910544
10cc8e454acb381275dadc2c3a985ff93db8e8e4522dcacbee15f0c10a10b3f3
10d217fc2d14b793dd2acba83780093ff88896b4433f7eb36bfc4a220f78350f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12114ea923dc6298050feef85d98ba230e4383e149f7870913129a872b8374ed
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13001b93b4dec551b6e75bb5df3ffe8b31659c4527a35ff424f54c8754e9adaa
13743d7bc00e66c334b975747f8948fcb50c9ee67c9588137647c85e49caf193
13c963fa8c8844e497beb3358a55958f2eae9cf36e282afdfdc7186e07d39826
13da4791e3620575aab659188bb771656745c3c83458302bbc8f49d1d2675751
13ee6be1edb266938e679490a88343735dfe5efebe63bdb7c920ef15da3288c8
1413e6306b949cefd16e74b58b6b47be075d1c83a0d77cd70b26cdd50efd5f93
1439c9f9dc0330a99fbc3bf92b09a47d8310caddbd28c37b0eb588ecbc4d8a78
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1527568898380ac1c0bebeb181c6ae65f661433cba813faf972ae0f6f6e0463b
15508460c0a60baa5a3ecc7489309be0b01d47f025ea216a0cb1a9a7d94084a9
158e1487a7c062c98bcc4e1d22f4086ffebde5d00e1d944b724686c6aabd0ea0
158ea3f9e71cc4bfeef3e274fc9ab9d29a2d1d24cdb94b5ee86664eef4cabf29
15aafc22c1a4a97df2ed4aa0b083a9230757c83545dc8d514a0bb1f304951632
15c2b360f6521967e813f15921e83c2965048da931619d656cf43106935abb2f
1606125073205250674ef7f1c2f4580e3e774ac8f0155b298176de293f018319
1630acdb42a222c31f2e0ffb701028cee024af1ed555cdae4dbfcac6a7a593ba
168e73f1c7bd13111c7e01f2dfc8bc9a7f2ec8f79618473e3768b50da456177c
168e8ac69e7903e0340d09637a93807bd2a5bb397a94b21763a57d9f80a67cc9
169f289044a1b0a8077d3ee1871252c112f371653667165954661bf7c44c4c27
16a8e97a93ce245b4e254f9a3365a9de33fdb0f0789f12b3e54f12186d64931c
1799f9f70b2e569fc49797d4cc2d802fdeaf64955b4c2f5b357f8cd2f449025d
184df17cd98005b00d5576123c08917edbf37f63159c2b59e01c6d741d76769c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
187f469e81eb5a6824ace7d2587b9d993578610641272aba163bee05de4596f6
18f22b1609a9bea9628f5196ac4f81379fb24478b4ccc0742066502597ad33e1
19402e76616ff18ec8182bf839fe4271507b0038588e4d51d20126440f100cdb
1963ca27f082c71ce37f4bc79af8f26d413f83df94e6b694fbbb1281ce2c72f2
19ec2de2938503db5d504b4544b1e508212d4974c66372115bdbf7f364ead207
19ef6a66e98491724d878c000a1fcb81733dc43bf779afd9633c3f904e53d5e8
1a4bc28ddb2ac51fbbf2e845944b8d4713462bd05516507866ec15357a3c3cf7
1abedfef339e7e5d980748be26a6c60e411e2ee29374853b255dbba5a5229bf3
1ac74f438e79a6ee5459de59cd32aad65dcdb3183cde7fb0b83fc5d01e69c5b0
1ad621e9ddf9359428c5259b8bb5e1bfbe645dd98cf4f65207e146dcefc628aa
1b2f3ecc71ff201cf606074e227a5efb623093b810b2950e745ea34cf7feca4c
1bba871951649ca3e426816d6268387300becc1349928bb4201ac3401184a343
1bf9e7b3d06a10fd0c816d12da694bb24a4a34b66b61bb4b82258a7bc8cb4d37
1c106150a7df40a75531c73947e8c6066f1a1e82baaf8c91e6f3bd65006dc027
1c1c10b01ed43b1f0ce18f15416dc49b4dba27da8b4f64d4aa16ca730b5c9d68
1d188cadb253c70a5a87ebdcea65f7407044606b5c4cf2ca9891970161aa9232
1d1a51e47584de83f3aab0361ed2ca694d4a7b615088a51c2bc98f93d7b6cf91
1d484c6345aab392ed9ff9198dc239eb98e4ec20c43775ede237dda1c453578c
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1d94aa400990768ed9893f3f807951227c21d25057cc34037e1a64182a1eadfe
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ddeb2ef2f9417a26876e20fb4d166a1a0778f3b6e951ce9cd3da02dd4169066
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
1e2611e99315467949644c5193765d09064f3a8268b85de8e6f035d14bed16b4
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f41b12b40a1b075f3e2aa3ce4f523783e1ab2ad759145dff3105968f392087d
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f668241ee26dfa2db0c2f5fe5dc4ed6418dba1fd6b4c8ac6267cd5baf548f13
1f908207bc70c0af4b1ebd3177f224be9e8ad3e7050cd314625ad9a67e6d36d9
205f80aebdb7de23baccd9cc37f8c912495744e1f947c73211833925cfa501cf
20a8c3ca6709a883f79d46af5cec5d1c135d3e104bba92bc6811f981da451b55
21502515cee9faedd6a4b51c7fa4aebe9fb56e5b2f44c05bc0709d87720b9d58
228d043a05bd0470a913413636d9da566238f1586c7fe49c5a64030a4253a620
23e345dd8b8265ac49ef43a23f300daa6881776797c8c2b33560592e1ba160a9
23f72af4e882a0195f05a66774f002805a01ee4c3812d480e51aeeefbae092b3
243c42777dd1dc3b7e709cc60acf8e8a3e4272faf0b20c276a88cc0984cc6efe
255b0e2c3b28aa6006e57fccb6c8976753aaeddb1dbb3a8feeb1e6a942cc28b6
27c0f5825a8748a3b9da66cb79dd0f03ff943b9e17f73c7a3c4bb287a740cb19
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
28ad5bac26523862036259e0054db7148f83b85be90ed07a91e32a9e206a6a6d
28c4165970bc2b9db87ca79a18b417a8315b69fee209d285e2c2df093bd56cfc
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a76805478771fb0cd54208b7170941c30cd2e85cc900a242bd0117d9a07290e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b6ae1270bd7f8130702084d1bd442e037be9b606cb030ea1960aaf3ba689e60
2bfddb3d8192580a4486dec33b3a33682079a22935110a9ba417efd9e327eebc
2c136c56c92051c6bac12e60613e1acdcec9f3fbe683023f605c78add807f37f
2c2137c099bd65ae461c267ac6d6ef740cda98db008d42ab80bcea5f9acfb1e2
2c3ca18410190fcca378850df00243a36a6883a90a4526c7a434c350d0ce5ea8
2cc001760e74300e278c2faf46eaaf20553d441d17e5690b6054cd463dfa921a
2cc194c018f1090c659aa760b946a7e3cef579330f192250547c5c8bc640410c
2cfabba495f8bbc01a2c3d2cdeea507f9d3f806fd60ef24c756f424ba2c74577
2d8d9bc846d6e015d87337cdf131856efab1f9f840470aae3d514d604eef26fd
2d9dc160791208f908bfd5734791589974c7eeb3cd4e8a97f6c75edd5e029a94
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e700e06809391598e26dc71fa67eeec4e4497632163cbe21665f2357f37e94d
2e8744404786783123badc9c0563e846b519431097c49e3b5ee6506576c92cab
2e8b454eb03ad6a30f88aaa056f7bd36a0fd06b91c1ca93956a4e310f5f7b035
2ebe8c45c51d8500d3ad8e40f4ac5118b548a0b3cb700cd6cd9a32cf81aa5c5b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f59ac8dad7d832c75edc7cf917c512a3788d03ce0862b38c1bfccc54eb01d10
2fa2e44f6135affd9c2535d607b355c552d8bbfbfe21677ef9e6404529ba7eaa
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
2fe7cd9e77771d06dc70039bb00394369cfef63293f1db7cf6459ab3b27a9603
3053b931360aab35e057ca32638852aedae506fb802cbb2edd3e260c79639fe3
30a02579e32a25db6ede302bdfe2bdbea98ce2fc8d8fb4e04b7cb95694cd1558
30a259a035d5f20ffcdf6667bf50f62e4ce99425e13df39199f366e3092305be
30b4bafcad28fef48298dc6044b213136d4839b4cc1447ac446a1f36430b3217
30c0253372b8980db69d60d719b25d92a1a6b17df9b2c56ba5d91fbe83f7aa27
30f4f1375598d4ea20c8c8df63f915cdc0b382702a856e79d6860847ff2433a3
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
3121b327e5efb78698ff77f163a53bdc71aa8f99a931ed405153f6b4ec2b8beb
31669d7c6eff40766f9664af7840953e5cf2accfaa7ca3eabe9b7b8b12966205
31a83311fe2b2154601452dcfe63596581128398dffbbcb929cf1419887ec55b
31b0e1e81dce3937d09c88beb7b911dd4d56040e1d97141dfda19ca38b4796eb
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31eac1d1fef8ad264e09b7a534e901f912b75d4d9810c09d4ddc21e1887990ca
325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
32d390304264612c2a187859cd715099ca4734153e3d3f2c67000816f4fbbe7d
3300addec0003073b3cbd7d44fd73c0f214c79fb85c48efd74d30bab885fa18d
3345bd3bcdf3a06c164844c0f7d2ffb12d5a2e86b78fee0aa36642359087aeb7
336b18c8d9f6f0add44e0a144bdd50e0518a06538b2a25a6be8e709b7e6f6e4e
3376287562825ecbfabd822e8d58c1dfc38c459ee4cd36f69fc019c36f3f8786
3381376497b5b338f301a29f4b399d81331e55a568f02df5db466149e5826f13
33bcc6b68d113156168625b10940aef2bf1569115d9415a55d033c15fc2b3f30
342f9914e4de407fa336620b585e8450f5718c4c96265b43bfd873e543791de1
34a677f2759a82834c9e688f9e1ddbdecd70fad8a6e141922cef176bf362a7d7
34dfab82e961536da0aa2ab6e0739816c7e674cfe5526950cffbdfe2dd0f3463
356f3a46abc744795644091d4fcf2ff3c46eeefc62ccbcd75f9c7154ffc23d6b
3593bdca4580ca6d489b16badb3b3bb76f776ef2a67dbd455f6635ef0370b009
35b86b18bc02b9e4afcf02dd2a015f1d39f3f3bcb04aa884e8c1edf1f7750b46
35db91ee70d6945da160626ce4eeedb92b8ef3c7d8f422ab6e8ca04d59aeb856
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36954ee985731b79a86db98aae1687fd2318f99b9e1c5385123a762e7b4bd7b6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36de070ff0752b164583252b341dff29b6cccfb6d7105fdf3a4b53537727b32c
36dff1c0f45748bccf453036a39168ff12d3bba27e0c792dc6a062d6a991beab
36ecc5b76302bfddb2dfd9cc368630349183745d8ff370079e904aa7f24f5e81
3869986739303d8396d1e89916e4e5ee994eb660080d949ec272f85c2a691048
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
38f32008646c4e60f1132c9c5b68c3636b92c672f44740b1c0a5bd3b0051c29e
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39b20ccc1db18582bc0f379d86e28f32fbc7bf91384e3865e5ac5235807da5fc
3b1494a7e2fdcefd9af0ae6c01e3013f8405fd1dcd463efca33d718c13157ffd
3b509740c2288c07d79da8210d3d97c4a85e1c5950c54a2928733ec583584b86
3b7d7e137800a32fc732adbcf08c03731947d2a2e122eab23107832180d653f3
3bbd362e1d30b4ed3e2291854efa306fe7c3977400e2a3146303bd0753e787fc
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3cc74e5ab2c9742127010cd2b9ca44a12f5abfa0573af28361f09ab1b48c1aea
3d35d129105b18a67acd3b2a760b3349503a7558222d65b468eb45e30f5e8379
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d99143bb8b1f560ef0080075ff0c8f0bac01229ca7cff5b5a51134859b078a9
3de2c6892994f7a26c4df903735b6e48c2c111785158ba233f0cffec133227e6
3eac564b5174dea9e1b58c67189931a8c6e75bf045f3357ef442fab90390963e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef7857375d3e4cdba63beed810043d9b5774acd8260c20510fd3e94394793d5
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
3f92219f73f3b42939b07902f5c960d3d04cebb5e0bc4798a76d7c0e0ab1fe83
3fde3f58eb5e95a8a7994102c7ea88ff589a6d4196d16257d263a9821d18bbec
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe2721c2a533967bfcd838be67adfa4c8848faeb3213d47f80fddd4ab75c1ef
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
406b5e9637f14be575feb40ea562ad87cd743bd4ae02c72d83ef630f065733ab
40fe4c7f0bd58cf2596a85ad50e76695d76df8cf9a722e6f7154fb3bfb1557c6
4125c687283bfbd1fa8662aeb2e6396d8f3479c1f5d5155769a310f17d9e4b9d
415f12baa9ec9cacb9bb63b5f8c1e21864a2c6fb125581767bdaff66fc790cdf
41617734ea855203d150db794199a209f3dcef6219b9e6eacda641460cedff70
41704d63fe713fce52941fba264ff01d5e370be6dbdfea89a8f12ce9d48bfa9e
41a312eaa98adf2a8a5e40b7447e9658775067db2cfa9883a7c0af6cae777181
41e25dedc34f962d69e364d834372547e7299d729ef8f7df2d280901ee2203d4
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
42a1b739ee7b5a7c3fc2f8c5183304c8b6d837b36488985314624a47940779fb
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
42bb7cd4fb297cc8dd71b73ca7039ad4b1a4aacb9bce0072620ad8f8746e4b40
431f19a6bb719fee858cc1b62e6e5762954f2bd5b0fd13602857ac0c47cdf1b2
433e8820b234985b8b045432b56305ad3e9698048139f5a75b158080c304bd2d
434420874167085efebd1496336250dd59ae15b3eff6a776740d38f2d8b0bd8d
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984
43d8646688f1527ffdf2a06d4dff2a89fdac56edcb8e4d8e38490990c32d3468
43fb0b547e5e8b13d9850217f1136af958ca4fed4fa9ccaa1c447284590e4c94
4408d275bd649594b2301aeb5855c61278b41576cbb6a44f3b41c1f801cf4295
440de44752cda6c376e7fa7c8b2a81b7f2e9e6ac56d9e6bbf376011769f4fff7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2
452eadb753ef17d893004ec4ea2b71fcf435c666bcee58561148f821a6a3ca0d
4574107dba4034af0ac90c8606989cb355a9339c71b993d50fb49c7f34883da6
457fa1b292a866bb466638ce289ddbf683b1d0e9561952fb459d94a96447bd25
45b524d641be150b1c1dfac5026a1b97277e0ebc07b4385eb0c099feffae01e1
45e859d9d249117313060d154b720a123c1889c21a196cec00dd7e182b81e8d7
465fe72514f81fccb7dc41806add85abf16d815f3a3831ceca98bb85475e1d4f
468f4ba28c56be4a5a5acabe1041afe679c6586a57a0fb3d5ecdd6057e3b8a08
46cef8c6de500d71c02d90a0904814258c8c16e6cf80e57771204ad4fe4ae808
46fb67ba5ed9f6454f318fed8a68509a7ce845a6d0b1809f9455d360dd1864d0
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4717410c1ef684a572d4662c8bc6860a753e6ea7e9640d699c4f2a0e4d08c9e2
473e105ceae153c6d8b221246120fa706e4bfb54511959a40fa12d78f9250952
482f30de55f0667939ffc722514fb7c262fb51c7e29e0d87ac3b46410e4f461c
487ff18a671974fc4e07fd8b0a025435c9d2f8611cb98a6b76b61c2eea3322ba
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
49d9e7ed9c8ce09b30c38ab5fb8946f369a8f48a7f0b305b13987d564c9eb184
4a02cd5cf702c8ea523a628ccec6b30f8e3af81535086738dc5b13178b95483a
4b275848bd9e2fea1da22bfbf7b43408cc23e6e349252aa9687a3a5b4c10bdcc
4b2b86c8dba0275041de7844d4fb4c074ae32a89a1b5970cc2468d33ec03263c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
4b9dd54a4e137d4d0cba2f4734ddaed2457d3a3efd6309b32570021d29376860
4bd56ac0a5f443ad3ae27b91d0c8e85b67485227646d27205005b2ba9e4f4ff1
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4d7425f2fe14492c5302685164e9bfb27b37aa9969947a13b5af001854c0ada9
4dd0b3cfdfdcf42a23f2472f47550c549f5b0fa9cea2bdd62a4954c32cdcf487
4deb63fdf271d507d9f8ff1730c63813738d927a4b5cb3ac395048dcd6d3a810
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e772634f80024b2cdd323d11574c47db097c8d930cc01717c23a125ac99ae51
4e89866ffba8b06a31d366ea9f6f5331f87fe29877bfce5381b78a46ddb7fd19
4eaa63fe224cad73f3348b716855de0ace8a3169abfc0d7b2845d083172f53dd
4f128b41820e2e205ec11d9f5a8d6f6d03116ff73b2e6f5545857adef82b5ef5
4f43be119cd3244fe33355fec0c84fe262ae3ca1d5c9b4d9151b952f67c55f92
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a62b7c73fe05875158ae5bcd71e696503f202fdb85a30af4cca186d6206526
510535983f8570daa9e77d7b7cba2c47cefb26ce10143d9184366fd489c4161b
51142edd87ede6a104d3b47bbaad0d3e3a1a1260c4deec3663ffac7cfb9c600b
524ed06eeb5841f5e3c28444b36bde20e057db0435c040a21aa57f34de23e00e
52d0dffffdb3e98c4131ad640b306938ce93d2daef257ca81fc3005b1675d5c0
52efd6959ae8fb441d9b7bce3624bcbda0b601316751028b16b31484124019c5
5370c8f238d0ae8b1400cff5df17563faca18ebfc2372d0948e20087984e2d19
541c63ae81fe7799a19523dc8f2500646043eaa70d36985c3f2fc86264e4e71e
5423cdd6162c74224229f59b7c6a762352b3ddc08c9d01074356b2d94174c49e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c36e3a086718ef7bdf414997520157a5614bd290eea885d0aa85d6332922a1
554bd6ee394a173c7144c5316e213e7a3064bb04d0becbaf2cf6fac7feb11ad0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aeee54a674f6d1c04b3199b0ee816a1cf5678c6ae7c5b7d2838f43ba849a3d
55d94347ffb0b15c7fc206c28174366ab659827921195086bafcf394111c74ba
55f189c2a48dc25d22646f07ac267925aa3972553f1eecd168dacca2c6a1ecd8
564bf925bfd3ed57e510d2243c9828c4bd1bde6218a6f7700de52656db55294b
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
578db6cdc45ffbe7eaf29397af74a536fa56b980b96f866898acf2728d03f751
57b68f466e854cd12966ac873b76a727581137640b76062cd8d8abcaef327d4c
57be1d8816e35c22a3c53f2f1af7f6d014f741b5453b44c6d2ab14d074631517
57df1c0cc40257706450047affaeb25139c1e953665d744f9f757e047b7fa2e4
5887b03f44a197fcdc5400caec10de1c69f29619c1fdc868d4d461130e0f9efc
58d4785735aef08f0b053f7edd1db728abb1a993e3cbc05c705ef1317248227a
59810106d2803e597e2887a7b8bcd1e343aa7e3e4c47a493baf6b96dd97f2009
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ac53d98bbcc1a5abdffd7eb55f9599cdb86e2caa3f21736d3e7f6c148ed7c78
5ac84ca2b75aa87f726eda85382c3ba55bcce8f00a33b215555efda3401de203
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5b4dd08942d096c41c42aeb1f36db7261f30841da30fedbfd19e77e87a0cfe55
5b5c6eb3ccc2b958e24a03e7d472ca07cdbef0a6d72cf73314221db3fbddb446
5b96035b148d2f3268d77a18e8be1a0e52e3d3549eea6a7c785d5a1feba86d87
5df0f247da77359540280c424cd0e7167941a3824cac7828ffabc4a2997cd887
5e5704f08fead301bb735a56a8358632b23d2ebc5e9e191d39fb9216153bfade
5eaae63dee75aeb8f60decc02d32ecf35dbf69dd8570d409a6f028c73d706e50
5edc66b73792e340b477755f0b38ad34f65d02f155b1e8a411c5c0a06a779a45
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
5ff8d89b029ec2043f86caf36457219e4e5042562cc242731ef27e1a1972bba3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60407339117704404354709d59f4037c37fa7901f4c56818600580adc82e602a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
615948bc8fa5e6780b77113b957b30dd4d3da73a23584aa9036f7deaa150bfb1
61a48570fd3262b24f84f07f267ef62adbecb776a1a0f3e3cd233e5c440004b5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621e239041447ad520be8f91bf01c61e630b2c70df70dd941f901d4d9e7cdd11
624911fd162802388368d31f2492b1468d81a31ec18d50e49c4b43cc0ded5e34
62548b4071330f498b198ea0713c08f1cc8dfe1b77281a74c87822b51d29078d
626183f205f9f4250cfae2e13d3d00b646dd88f727e91c0d94e24a5e2f131477
62675c01ca7a9e7af102c699f55fa970eee7f0106984839722e018e733744c03
62e5b5020499d0dbd26922152f199b559ee4922d9132b4242364edf88dc63121
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64008d6951424579798b36078eded3bf9a934d42ee3f315ab7129374e7eecadb
642b7919b4dd8a499f2358366815609f1d0c362d3f2a68e420a2e6e33b8a936f
65915660f14f458f00de1f94a3f1d197844330b764576cbe7332975bbcf28360
65e74a5485d11381f71c4d62bb232e688f8afa1180fc4fdfc6e2187c2ae8e9f2
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d
666a3e515ffcc0226f33a6f0b6c4f0a88aa051c44648c5a83a88ff70f9273e84
673f5d299baeeda981614468243ee340af5d12a466ef8edd5681ded634e1d2f6
67a06928d73b313bdb6a0ea15a6f7231965d6dd0478e7b4d2e8e0c5d1c531a65
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
688b5398863481ec6ab98741317daab8a2f91f2701be460040447ed0f9ad8438
697c7c128ada9e859bdf773b88e1c51139868323838e41e863bffae27751e6af
699ecaf4a2ece882871e6f0a9d3370eed2234ea4b2d902f596161ab9cb72c57c
69ea81104af3f7aad9b23eccdd2a708c5fcf6ffdfad1ea15b3d6315ce560d4cf
6a4055df87fb1d7107976b40c27409f42d0e58278bd88e24e49109f09a8de14d
6a647e66154e2d094d529946ffa2b1075321351bfc67230948d13b0aaa68f019
6a69d4401c299bdee736eac1168963bcce5fa8abf91b4cd8f8c52f8429d06668
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a97d13c1c5fbda6b4beef7802aab9a81ff332f4f75abba84973cc43799a6462
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0a9a3f89a5a9633f8b55cefc8e8c937e742f77e16a7f517e245bdec940913d
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b612052fe19a706a356111a5c57e397c5877ce58afbeccbe6a26aaefab372dc
6ce5d3d6ec0557a963ab2bb4df4d2bf46282b75db6493c955b77255a8396630c
6d6a3be6224304c54702e70bb9e67d3568173f4617d5b44b0884971fac67582c
6d72e6bd6fdcdbdb8903054a048d578ef4291c8f6dd09edb83176f2cbfe5c35b
6d84f433ce47fbde66cccfe2f25e18a19a86f7e118e739cf4e713b13e0560705
6e2840bead36b240163706f9e8d26143bd94c61be92443639e185c92c2b1b804
6eeffd3f39150bce43da9ef40dd24f34a9594a609d9a074330b37c16daa624c6
6f06e5942c215b579081fb9f4b6bd6a255521317b8867235a896ae17aaab796b
6f0891439aea7ee7704a8248eaad5b30bb57a37c6d00093f086e8872638de0ab
7033799787acadccc5bb1d0fca1e399d8f32ea796be910fd880d61320aa55128
704e23688a6da0eb274f9f0a903fd7a34e935bfce889db5242c322e6fb903d01
707e9f99a1a6f5f643b8847c8ab19867e8767380ef00b7cf84547bc24a19cb5c
70c882870734e26157598340014b40c4512196ce41be9456a3b6cf85349473d6
70d9b21e78ff3a4f863d77dcf2fbb9c0c3657c9f135af19822e948719951c640
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71e5f8bc3ef5872e97261edcf19863eac7d595a22fd5be11458ba8e28652919f
72201f2fb7c22a9a1d42e3a47d8e627deecdab6af46d414bf44f42cb881f5ad3
7260560873862667d5bb393eee6cfbb0146c006ae3246633fe55199e68d5b07a
72a4ec63cc66747886fc0270433477c322290c617c4b8e2a027bfd4c0e54d9a0
7309c36490b4e1f7b52a9ee156e0825ba0a254bc9178585f88c87ba5bc01195b
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7319048fca57cded14b47792bfc345501c0d90d34b0e104432f1549079f9267d
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
73b52766bd9e4d53e44df444b6238ac524e5a0111196b942e7c5f0f944fb7775
74050f6ca30cbc9a6341071e2de131ac1801d29061c9ea6d84dfb346c564bfc8
7522915bcb350be6f3157b1692458fdf8d6d728c2c09a8d0754c50101078e8c7
752adc4527d87f577077e73d50466dc3f9cd20f9cf0b2bcb64e79b3cc53a7350
75a5df54b464dfe7764d9adf24a991153128280b6e946224aa4d5c67c5af8315
76722bc26c486fb89b80dc3ddfa418089ba725602539f37f56e9f249d7cbce05
7718b70d9e00e10fef1effe9e82c3e386cd22ce5002392b7591403ab294d8f98
776fb2376fdccdafe79afbc1e8bf69ef2132c9d86c11e7724e15a70961179a58
777084ea2ccd862864badac0230353fbf062018ae716fb2c267857cb9010b1b9
77b79363fa6608ffee75711cae147bebdc34b23d7863a25c30c175edeaaa7de3
77df6f1ae61b9f754ac1e534cb62c327cb15e625c1e2c3d515069089dd696e8d
7829b484863af8059fdeab04b28fda7755ebb4f45c782e6bd4da932812331e6f
78b5692681b4b8509f848877ceff7082b42aaa2d6138a4756bd511d2f1c710ce
791531e5d2260e1fc2ad3f3e112257e8170e712ce530fad55f9ab27e56e6be93
79d47ef9c2e4543a78e3f00ad19d4b1c9ffd550f8fb69648d4cdb4cd94563aba
79d9c0e01743e744963cc3431a03cafddec99a837a77ce2795d664ff7506a98c
7a16a4e9245776299b321e93c70b881eed39dbed32b99e0d131c8d9552587944
7a640181766a1a023594158f7294cf5d25263ee90a3194e8c8d15b17fb7cccca
7a745591034534431b4e5e32815599cef3101631f9e6a9052a687d96dac1a3ea
7b23dbd7d848d904ffec436842890ab06b0226c4da091daf75c0b7b7cfd859c0
7b560c687803b8de5b79cbca16fbf82b136018401561e9e0c669be6c17b4720d
7b675b91dd6159d9a10339f17876f5e114977f482278c51b9fbea5eff34e592e
7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678
7b8ed99c37618c70b3ad0005365c4aba548f686f7bdb4296a70450e58e0585bb
7c2adea4fd6d656ae124f4302459eec0223eceb512aaca9785441427407559b1
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c62797586ed1e43b5b67d8fbbf884ee5d71050f6cd2adcc533dd9a59f23a4c7
7c8012200e257e3a5cd6f0d73a78f21d5a240bb5db7c61b809059e2a7320cbfc
7d13b7f6673244ebde42a21fd4c0cc10210e4881e8bf3b589b1d7a8a625349e1
7dea09afb837c343e952e40b437928e2ee9e2145f903a7cbccf5a61c5821819d
7e0b1af923ef2f50d4b714e6a46165085ff322522579b739cc07463c00025b50
7e3f757ff82d2f8ac1d666d24791051118e659ff029683cef72393bd239fc7ea
7e5e148a6482560efb2b4727dc197aec735495698a07578b5801814f869f72a9
7e6dce1f4ec6487d62435d836d2201e196cdb8ffb263ba1866ac686b25e28e8f
7f6f14021f84bde21c25f412910930be286e18800e5f4b61c6ba638cc0ec85b3
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8032bcbe3dcb3961c4fd914aa0c78b446eed26503c557febf7001fa975fd862d
814c726611b8ee71c378acc9f21dd0aa9be7868f9a7741ecf2e056058b33e9f9
81f251a3b3e3ee751d51c3517e21825113c0da061a541ccf5166d755044a3f25
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
822cfb36492633a52b35513770b2f8a10854bc808e2eab66ed5f23ea66576e96
82780ce2836c88a172cae55692224e6914ef855847023319f79aa3d60e27c554
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
82f63a03b6eb0de8efdd1ae98e19af54f395c2d6bb835d1febcec0c3dfbd9c7c
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8475f3ed2276e14a08794db96b80d4189bfb0857791c691a2e41f51233ff3f5d
855c242f4d3e3e931ce1c6ca0c84edfcfdd988240a25563887980602acd43318
85bb68203051bca1f7848854ab150aee43ee7235d637b180ade5a2cca4eec3ae
85f0844011ea540bed4271dc1c1bcbc12505740a1046cb882cb081826d9a1520
864ebbab00ac567e9b899f90583c1bea831a9c95e65ac8320b17c75f77e8ea03
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07
8869ee25045b203b10e7d561b5a818f6b424e59f0b65bd30bd00d822199f1151
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88df6faafb8ecc0816c8b1526d0de2740dc47fc10d8460536b11b625b63bd9c7
88e2ccfb294bdb1040f7cd0b73c6ef14f3acec12f8b2cfa993edf8b242d638ea
8944da5a861ece00185fa173ea65324e7d4797aa863c6fa0f03e066805974b6c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a73d5844ba7e2c3ec26b5a7073fbbeaed4bbc397c1df04e697760b1285e44d4
8aa7fdb3518fda42ef6e7959cae9618c7896b138957c1ca19935f95ff7dd60bf
8ad4500b94646d58dbf015bf1b1f90970abaee00f3cda54290719465fe20bbd9
8aed95a1a114ca3871843957385f60e80ea15863330bd185e60e4ea2b7701a04
8b1f9b5708af11bb55802b40222d3f329e7c83c0ee2ad69338fb7cf3fa62b479
8b99efcdc7c8bf16ad6b53b2a716bfcd6013401c1cc76b29f2da33ae5a8fc495
8c32806353335dabc17825fd84b7db12fa00047089f297bb1517658396ad5d16
8c9a1cc1b49618b268f6d7429e54f3870f295caa6168071fd1e92e439346f803
8cba6d61cdff0102d3f409cb17694bd820013877c2f1f9fc8724f6d020c927ba
8cbe4665952c6a4920cc99d91166052cb685f35af697c8837337f46d41961d0a
8d3b5420ee831fdc29663f71a3615df7bca0ef96d0c8057d91c93534298ca732
8d626ccfbe4b432311292849afc239011855d71ed640bbdc4573338d7cfbe932
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b
8d7f64bc10eb299fb45b1170ec3194fe0f34df3117fae7dc3c016cbd9ab704c2
8d92c3b28a7a520fc0acd744ce76abd78d7d2b6ca75e278eb45569314a741822
8d99ab4effccb439edcd49ddb7d02aca002252cb065a63a9aee5ccbb46367dce
8d9a626898b0eb192d473e42ed42e2e610cc62bc2651db3ac378e783828abc81
8dea12506041d6f70645daa67bbc4901d00f98c15a647de39a7adba9f7250d76
8e0af78efbbb3fe37d28aa6ebbb09bb4a2cacc34c6e552d2783a0ac274d6d3cb
8e1be2ee741fdf3ebd0c964f3137cdc3f9d4731d8b9ace1dfd5ff8847c76cfe1
8e28f7730755e6ad260b1b5c2a0928617710d0f6ee10b0c6d88cba5ba5871209
8e6a423e9c608c3e47e0db45aab17f98ce9954acef2b064935d7f5b2980340c5
8e92abae529f4ef5b08c07384c6634ab2cd6c44af55f33397c36bc9798397662
8e92b3b722e75fb9c316c0ef14043e440302b994753708d9bdcc9a0f3a638f6d
8eab1160c614b5b90d48a6177b77fdc413cddff8d5272ec2d14d4d2d32942665
8eb16b5abdc002a7b9628ff7eac9d5d3a036d0bfc261327d6bdebe47a635db0b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f59fd783d1a16c4a71b3fc849070afa57d18b0bb47ea4c09f4b92df01808023
8f920bc11ab1f6018e6895b6863e3a8666650ba33a5685ee2af753e63d82c80c
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
901b3226c6c87a83d958ad3351b6010c0e6f762be52db5334bace9598754c8ab
902899b8dd3a6b30f6bc1be0f39f48ce72d0c41357d8bf521cd86f58bb633b7e
9065d2b721fd5999b3834fbca9cca1d977d59dbf1f8fd49fe2ac787692a33167
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
91146e2673380182c41fb63cfffad4a578631e1a80a60c706daf6abe2c64b6b5
91539d7445b231b3612c4f68bd077160bb791bd7b826df57ce0ee7f2807986cb
918addfec5ade009e30257c082b026d4f3ba88b48d371bc470126dff70bdae77
9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a
9248a9868278788fe7cb97205f111176be0987868b00410184df5c67e03d9cf7
93187a7a0d003690c133a72afa93d2a969cbf893bade560caae6ece12e4073f3
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
944ec6768e5401219eea69a8ae97bb72c7c39f6a9a0a48b532e1a56fec61f8ce
946b2ca270f676dc0d367fe332307411fcf85e6f292f5e7552a8a255231b6f69
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
958889b8dab6ef56706d5305de9b7cfe54f6a76ad18e9b4ea719da108d897b45
959b6810d8c92f3583e29f965c347b6cca12cd5f51bb73c91b177bd7833dfdbe
964d2416447aa6da602d729c06dcbc8d40895e9791edec6feb0feaf79297178c
965ed958efbeb975560dafe857826f24d8e50f10456ac911816f6bc18f477826
966626fda03840552072bf96eae759b0010473daec8620c146b7ab562303fd69
96a67b2141dbc9ac0870b34e6bfc02521c2e86a163133083f396d13b2e475ac3
97b21724b083fd068eb4471b9491bfe321cc2cee9e2d17dc9dfa2df1df4bc5f9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a278cc54bf136f0b0eb7a7f31c454073b0222ff80ac7c3767f5ce438432c2a0
9b1696e5dbfca211ad061358236b4fba880491cfe8b86c9a48101d65b53674a0
9c3a5471507a24364303c242b6aa5cd26a27486d415cbf4d7487d1cb8d41781a
9c58a3f0e6eb1f893f9d2a1c0df6015a3dda7219bf31c96cfdd2044396ca6ced
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
9dda9830acc35728f7b7f2cff1c740a17337e0e6d7674b67f48dd3a5481e7f6f
9dff2251abbde2c57b87b8e340e8cc695637fa72f8ff311c61c37b97ec5810c1
9f2e445197f40a69565f192916189459f72e8c2bd0f34d6ebbc74255ffa2e03e
9ff8187f890ed05538d0a48a76bbe156459421e33a95bb34c748a9ffead2c5f8
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595
a05e793ac9cd0643f4d02a1187b20684f58dd27fc2a47f9a9e78bfc13a6a789e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a081f939e65e996a467a486c837e094810eeeb4ffb522499e6bb55b40a351b6e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1032d048683350521b9444f517c12709baec5b2c3d268217840fcc5d145cb0c
a1546b2e0124573e8e8a820c235320f54730c1ea5396bc35b76d0259ada8e765
a1606f00f2009fdaa6004592fd4616c3227eef68dbb0757d9e92ad162ac1843c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1eaa4e8c35f908ff9a44fdd409b62221d5bc26de6ead7c116343d92ef9b7d31
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a34f8b5a8cab6119fdcea0072fb1f4c60e603a553f05b75e37dae1a7f59918cd
a3a662d88f8c83e62e89b6866176972132ff80a56240f26898719954322dbeb6
a3f69777dc1f29882c9149b513ad5c5f748020328c8d8f4723a2ee32b8bccfe7
a3fe398ea43657693c787a8b169e7f73547e659bbf63e9a4b1a4a42e7ed0ce35
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a479bfd5d75d479b2009eb8f7930e1201ea9751106be5754697709009b6688e1
a48dba3cc08ef65b3a05acba15a019bb4cf367772a41a85f8452defcf60e06bc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ebd2cb81f6c2d004a708e18d50374d27c48f6a3c164d6d1c809f2d6a696210
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a52b8433e5d9fbe30caba6faa6b8c4bd87e4c78c7f3f1727114ff85c9629deca
a5dd1343f141dbb27a3ba910237f3bb97032ddfab5c4e618040df38611f234d4
a5f5fa494a1d4ddf6d13b653ebd2dc3f6f8227af11ebc7f36a94c3d40ad8c6fe
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
a6b7d4924e2ef5e962cb591dccbe44c6ced095413a934f9a823705d6450093a2
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a767e92a66fc330f8225a5d0e4afaba09c71bc71ecdcd111426cd303d8e48d74
a7bb57c0515f4f76633cf5f3ee87d43c5f6660377bbc9b4734cdba5dc804618a
a80c7226cac798d29857924600ed11dbfbbc6240a3614e9a0a44398ed6125bc0
a8489677363120e65fd9117c80a211682846aaa31c1bc0648cd25d9850faddbd
a888d127604fcbdda9631c793dab880433dcb85da985d3fe1090c9d6b17a7eae
a898fbcc821f5d54f3491713c04dcb3434ebdc77ef9e6011df1eeb86b9255b56
a8b41d8149a46915977c6303f7a0711812582a9a4347fa612026e1406f88c18a
a8e9819bdda22000b44611299b0642c137d0dc7e570ccac03fbac9b17cd5fc89
a8f409a3b5d82a98b9284d73e4776b62ccf360b39a4245fc4ae05d5b09db3bb3
a93124c27c88482f0039adb38cddb5c970f299d27eadb23679b9e9adbee0ba35
a97491cd3cfa6d9c0d32b3a1964131f90ca1a9105d748da9a298cd0f7a987a4f
a976726b1d1bda3e1f271287f3aa7229ca3204ff8bf9cb2b581c610b9c811bef
a995ffdc66f72cd33df4b4f502de4d00b9d698076b0dbb4cc1bbe7c2dba819dc
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab34bb107501493ba04171ba083b0c868a99824d3e79aae063c72cd43b94dcb2
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ab9503c9aed2b70c9350f49ef1ec18c2bb9c7dc2a6fc53e9c5c6d611637c0d69
abef47b8458f96e4cb9c7759f0660f766305c5a4c8b22c873d8c10d80d9c219e
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
ac85666141502ba702cf8e8966e80505724bf05d1e7be43ce9b6c4ccad2fe0f6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac8b9182e4a0ac2892625ff41fe832a7a1120e00fd57404ece7a368493c96af5
accab9b97025999d5c3550549a4bf60e63aa11f4716efdd9be80fccd9b3dc290
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad9a8ae403e09f0c96dd19c7fe5eb5f24b30bf0064d2108d58854abcc9da4e42
add4f871b70e2e8324cd088a0dd6ee4ac58678135cec90155f02361bea14e33b
ae959d07963fa22f3e56a62d7045f26077e339704b33b6561dd6ff57255d9bd8
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a
b058fcf9107ff9ac8afbbc0db17882823df0a344695eddc5243ad8f777eee6f5
b0a9ac514283709cb85750e1a15f4ed549be7d0caa7711a70a3249d15538ac44
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23d6c5e4a6275efcb52f8d4361a68d1b71aa611f39f63505abf44a982fa9b83
b2564f623726f44fbf671dec027ade371e57236f0128c77351bec8fe20b920eb
b27848c2226a0ab56c852aa6c2138e9791cde7393c0de7780e511ee535bf2e54
b27cc2654c00d737f49cb68b74ba7893c151612b1ad52543f4691f67db0cdf97
b342d93742baee0fb0099cf95f23422bda5afb0e983e113b71ccaa88c315f335
b350c59f3a983a4be988f94bed14d91ab0713588e40eee6de09f2088671bc810
b3941cf6f3a9242cac9c0c61524090131135900086b3fcc96d40da10a054f227
b3e0f7fb97d18760d7c327b5bdb964c169f95c8117c0b459115749f4dad965a6
b3ee9f691697efd6172f44a0e5db5bad1e4a5017186ca7df2bdc30aa28db703d
b42c173bb743381ec5c0bc84256a7e0d1956c0e3eb2b3f9a2b65590b18a9304b
b4acdda0f1d27d1efda3b07f8658471829a215f0d71fe76f3325480a0ef8f3d5
b52226ef3646df4d7f114d5bf96dfa97f78747f1b058dd45ff1837cdc49538f0
b595a92bc911ff548e03fe3738ff3b729ea5190c78ac391fc35c38fabdfaccfa
b607154e42a81b546411af9c5e35c995d8ec95cd5e5549081130d56cb35cca0a
b635f81c034b6fbf71e4037c020d5fa178f9c32be19be26c2147f643aa0b1b36
b67596bde5f7562faba79125ecebe3ee3b1f53549cc7ecb7020900d839580d19
b6849b99c9da8c60aec9d8fcad58817ef0aabe354e6f9194f24b7e68df71f41a
b6ad8f4894150c85aa2a6158e918a26f119cba2e97ff2135a03eb1b3a4044230
b6deb5fb69dfbb570595d622dc49076ce9b59de8f66856ac06d5d5cbbd9d7092
b6f16f6713b6b925412d3a2f7c7d387194e7e2858a8307e9413b40322626d64f
b707cea228ebd1afe82a1840449e8c14d79bb62ec828d1ca7c3b6832a6905133
b757c92706c9ab6e361bc6ba774e575cf4473fb30e42fb0e3b59f55fc3677a83
b7d1adb16683223ecdd00a08afb4dab4b3affb22428ec13855cb6f5dc98b7d98
b8219662c2fd953b71f4f81d7369361c5042a472b246ef7a6da9c9b6418e8337
b847c82684b4dc3a1162dc27992c4f61efa227a8bf4887892c3b5a8771bb3895
b8504cb69179317d32a031c3e575e1ff2e3be593a2d19ce9b0acc8ac9eb63aa8
b8da17dc22110daf621242492996179fc9f16e35f6c6fd46ed7dc50f74f5c923
b8ee35bfefe82938cf844829226d89e5e933c2668512ddf9426c912d728e1d5d
b94472d780db3b45c0920bb2dbd0cb57660d80671491ada0ef15776f3de9e812
b9cdf1955f32bc8cf1fea73ffd06e28c90bc5cea8c706a2f59ffd596362cf523
ba124a6148cdf79c7fef47f002f932cb61a2772c234eebd7607d6ada25ef8062
ba344ba2d735904c60663370e2127c7184dce180b9f7d3d89670fa6b0144d3c1
ba90674177e7baee835acaf5262383e3cf3813e8df32612928cf6c49610e7b16
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb97b3ad1f93170123957b8c5e58640d53e43ffc7ab1671f9a690d324be72cdd
bbeaed16523311b1fe2f843d6165b5cd17d4e4395602f7fdc7d80bb7c8d64c88
bc526760dabe2f56d658092189bc227312f81653043ffbd78e0b53bd0ae86768
bc614a222ee109e8bdb51477ae20a05f17c6fc97f61be458626cb1f600f521dd
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bd2275583de01af5e855ac8fc38b794b69d940306606945b66d4e76158716000
bd379cf84cc75eb1fcf8ed6366f594792bb5036fab8fe9faf65981d5cb617c70
be20a59e070868c27c97175e33f4b7bc42128bf2ef2a5102d033cd0ca1c821c6
be65e3bddd1818546df81e7c782002e63cdc955e04f4fee43e7b7113f162b648
be6aaae29a207bdea28a1e545c6f5652abcd30845290ec990892805c895d78f6
be87631e707f2bad906b691687eeb7c80c28d8d67aee9e90c48ebfbb3212040c
bef4b1ddab027d10ba46109c0a3227bdf956ef4c9ddb5c2ffd96f98afd26de23
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf35b9677033c1404fb8ed20a0418cfdd0773e01a3d805dff56f029556aab8d4
bf68d396c22f8d42dbf299c4ce4e8476a6358da7ff8f4361e70c5d247ff00928
bfc8935a3a81e5054ca898082640ebe53e5cb8e03864a61ac9a88f93b151e542
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c05996f19679eae53c8f40bbdf408074175e1e96fc41620544e99d7e26588456
c0ce54a881ba942d2c48e40ab4aabcb0e1b90c4b20536d08e51ea316679ea7db
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c14da931d6fd557da1ca54a3b53d63dfc89719bd9ad2d120c0c34aeaf5f99b40
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2723f13a207a4020db32e8ed8360b42c82f96e453750e642104b913738fab7c
c27a563bf388c7a157845184bd629ac5640aaaac4241f2c348e0bd475550565c
c33f1dc20c96906ae6a16e2a46028aadd7b0184ab96b8c6f4f8d97313ba9f3c9
c36bfe516a5c532a274765494b015280d6e94a87723897e6eda7c7bcec2a8f70
c3a112f2455d4d396b71da37b363793ed22bb9d4788fd5f0ceb590bbc3ab06d5
c3a892f7ff0aea7ce425e3751399f9d67c186d45d530b897269cfd2ffb63001c
c3e5be625e310fc3f13a1431c30c2392224e36026629ad71345e24b3a0b692f4
c44fa3abf9f95d64fbc1373831076554d09a4c6b5696b1117485068beff0eb9d
c4625332160446ada2d0abd208dbc1c4b0ea0a8d9368591ce3b0fcb5709fd05f
c4a11786d85db42ed75d27c660ac1a7ad14c373d31a75c579ad6e5f9612ede37
c5b378014548cbfe9f4b73a4d8b7e2124dfb3c0ee5d06148938e74682ab091be
c5b7f199b28693cf11badbf75ce324048bb2092222eadca503596875a82068af
c64308e6ed3ab4dc8c78868174040d8d09546ea9e6ab19682285a675897edc98
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c7181e1efc36f70e4c24bbf537a3bcb3474b419b8967c58c3e062cd02d15b402
c728dcd4ab1ef268051aca58d88a46796dbb18980c07d75e72754254c5e1b745
c784ea6897ad3d3cb8fdd3d56b13fe3661ba7f955b271d17e17d60bf7813579e
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c89e4ce4baf0dfe93a4f59ba1313522d5b6efc24b915deff7bae67e8467472b5
c8aab3c59ca67fc93877acea03a82f210181949e79d9b9bb12ed05f2c9054dd7
c937fa58b7b53c33d199cff42d212c85d0a8324efc3dfee45e67494682b71c97
c9a063251f4a5b50cec6ecc4093cfb0e5e7dcc3bde356b1feb7fb8151f06ee26
c9caf66159cb30ccddae214c368c7c0333ac63a039c7b847d9a02a61681c8ce9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caefdcc9ae00a197310c0e74d02cc5011a10cf2f7494a3c6e28cd68dc7c37540
cb07b5a3c2335807ae2a717fc9ec690ebe82df49c85335210782f9fe97e42a1d
cb43840df073bee1f580369ac4ae01b38fd48b9d06602510d14462a6fb669240
cb6c14dcdb7f1dc197de65a84c401f15ff281618619897c682a4d7f6f869bef6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf2dc7fc1789d2a4ae03f96a9834ce7cb6de7bd3b61c14ea8dbbd51f140c3d5
cd5a1d7b91176cb7eaa121787a136cd814aca92b6617b501ee63f14ca4f5b530
cd63656c430f88465091e022b84dfa9821db554528f3c4ca85fe27fae8f62651
cdd2f7a65b05d1ba61057ea77d11273bb6e2690cf4ec48adc2ca2fcd0e58c128
cdf4a7cddca2aa970b3e3a33f9394ef212583822d57dfb68b408b26e4c3c2611
cec2c1b07ec561c19dbb290120711abfcfffc93359080ab3760af6119a364bad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9dcf6da8a82be1335c398a4005def7ee3a53d4698c59dbc6b2b14e72d1263c
cfa54313a6c6bf4bc8a8f4990402dd166bb91730484569a2d1ea29eb3711aba1
cfb0edaae7cc9fa11afd4d15eb1ab6e9bf9e52b65cae987fc70b4654a09856bf
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0b7f0890afccd31a5cb155d93bd008927cb1073c75181a8453084905424d30c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1126299f031a0a60b804707a205d4567beb4088340ac86b62e031f2ee3733ec
d1528aa320627707c1f1084aa1358eed1b9d345f49b8c0f8b253d58af9a8cf93
d163e4f138a995867f8dea1d8772aa753f2a669cae93273b9ad5a2e574ed65b4
d1a48485a139699a76d160053b18be56636963d4a5e72ba422ae4d64b2fa9b68
d29d2296d1396926fa51daf84830e8d9c062d636d62ec1a2db6ea81021e96a2a
d2ad9878a148e6b2b30576374634d8b5110f3c2f625f619c5c95bc126cf82861
d2d98c9925e1a4c82850f58a72eda3f246eb1edbf6fe11b0bf9cc28753f23c11
d395da193c774bf8f1d5c5c88f0f8730349624b7ce23f0349c655a55afcb474c
d3980f4268781baf6bfee7879bffa62f8b0e1fe0c0bca609b8d2299aca75f02c
d3c6cbad68f6797801a955c744aee62f30668da281d0d1df25c4852f6a8504bb
d431ab739b2387932cde2fbf209661ccca549cfaa8cee9a171a16dc3fc537f1a
d43759eeb0bad511a676b580e58291166dfc2375212a83fbcdf622f7c39e8470
d4396aa802dbd86e837619e869f865ec943142b5506de5d5b3a23cb92c82e95a
d43ac5826a74f4e5dcd9435aabe994b89a7e2030babd441463c621e96eec0375
d47e40f1b0ecb71547a43e2d78800910c238bf00320f2c31fb653d6ccb7eb5a5
d51f4eea47f0ab93be7693f749f5528bea2acf65c7c5ef2f6bafa387e66150d6
d569bb936e70af1ee724f783800f581ff972a88d8b13a7c3c6b042ade0073e19
d6103e6cbefbf86900a4f1fce48f124b93921e7c0ca6231e5e283b076b422827
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6b63e3ce6b4f16b6305a5e90c4a131e2a5b97e26126fed896c9f1621aff85a4
d6d2373fa2f4e78604f95a017030d7f769e319e0188572013671777764181f66
d7153244bfcbed22ffba812a6f631894dbed03a60e0748e1e8d3ef495e900fb1
d80bf2bad8f919f7c28fefbbee6ca0c37afbd11514fc1fe67b162e683dc6c7bf
d852839eaa6442310fe47d7eb308384cd32a4612c0181d20052929d7155d7bc1
d8e779ff8365f90a66fafac0f5b25aa67232b752361a5cc3ca8b157b4f780e35
d90591da863a851280a0bc78f2546c3e22995d6e38a1f1a7a25ebc229f7454b5
d930e7c964fc5c906a3ee6535d94f2a752ea840de40cc5e1f42a6b7b084be9da
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9caf9c6bcc1375287491235d549864393e69225c0c422321a3f1676d52d0f38
d9fc19c63dd8205127c87f2cf3f90e0e69443884bd6a12a1bb2520bea61252c8
da2317c7c5198d128ded621353fbb62aa6e37bde50d39824f07dd36758dfae98
db562b42033799aecccf9126d53cde6c505ae5b37af131128d009896b64cfddf
dbde030cdeb53a320222db7e2af1465dcbf48fb28b96d330f64bdf2c89cc61d7
dcbc18f4e73165e113f15e2bcc58dddce8c4233f94824f9432e02b3385d12abc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd122abb503ca2ebedf09866537075bf3290e7f7b7562585a4da3d38c3b53cb2
dd3bc4d8f183582ee2854dc14b56a96cce80b8b65497a192a62f380a95c9f79d
dd406c02ad20b4101454c82049e8f5047beed8393b27a8dfa8520644f85ab159
de27c046680b743ebbc92cfb4e8432e7a26fe2828458abdad50d6f4074529353
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dea2ba6a77f8ae2738e8c8cff00e6ecc93732855f95af7354193ac9b17d3978e
deb959c047f364b4d81eb0b735fd60c7172cb808ddad43546948d90a38ad362e
df34a9b06a303f71147e56895795131326330566d2c415b6951000fe71067b3e
dfb534536ff59e48c6c68ea5a728ff903e838e70f98a02115e90bb91d8fcd8fc
dfd82ddcb19084aec86cb4700d8524649e73efbb14541bfc7acd567eca276508
e057a39e24a79b516f2465f1371ccaaec70d9f0cd4f387feddab4ff58c4eb0d8
e0a465b6bbd50e76310a736d891413c62815e172f8f0e0fc9793a159844bcb2e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e215da861b8512e170e596f81368ad67584305991c78917d90a2692e7ec6ac8e
e23ea6b3d0b93f3eb3cf7fd23ed1ad3436bceee4f3051bc1ab3dc8afa9318234
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e27784c5e5f0bf32d189e22536974d8bd0af4bc0f8d3ad953d462f7c92b42754
e2b83da8b872008b62f01fe81857399c901af35cd51fa10b0e7dc9a0e24d33da
e2f2edf508488c0fb0336d5008cd30d929afce66a5adf2c70f8c628f47a1362d
e31988dcc01ca50063ec978eeb7c992ad2110c7ad1b4444430278cd9440e047f
e36c341cc1a1f69173c290f68163e54f323d8583d35ca9979874a0ab5bfe783b
e38595b8488b4678043c6554212ce03ee23b9ed44233c81b42e63c04b1c789e5
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45065cc3ce69b5c38ef7cb8e6cb5a44154cd8b6cc5a84291d0cf96949ea3b0a
e574a4509ea71b73a287354425c44b7fbf927c14ae8a35d1c048f493daca70cd
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e60438314a39c3708f2953aac02b64083ea91e44506a8896cfef0e83d9d5f1c5
e60c90875e9b5c5074f17ca9f1df61842b1200c46dbe9c0e3fce1fbb3dc64001
e7689e94d4e6de66bd603ed3122c636b4fe7bf97917564e722b713ef53c13f44
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7e2060be119da9157043159de3e65f9e9779b0b8466d692a3e2967893b772cc
e86d9bec22a24d461d6bc1d562c9fc8ab59a6442d4b7ff28e62a991ca9a40c69
e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811
e8de4f5c266624f0b90b29d0e724404aaaccfc302e57b42cdc9a16983d7d9379
e92ad387dea3eec7164a1840decafa753eb0196b12928e507a1c7165e58cf1f0
e94a7cd65948c40d6c5e41a89efb2d773cc4c03bd2dfd1b05585e89800eb2048
e94b4e515162189374e7a6c962648c1fbfebe91837c5e66e83b4332bcc628a7a
e955fb8d769890e9862c3a5fc4d5c13b37a7e4fdd438683ba2446f0be7a3cfaf
e962357c5f484d91f5ed56e74a6dd896f378c237b6be32c85fa1fc62d1b70bbb
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e97dbef694bb4cf366da8e3eefdd5d665ff77d0f497db71f4a8c70515264a06b
ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb675150c4e9853f7a8ad642c850a64e72eacb063b4cd9bb25c40e25209fe7b5
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec3cd48300f28a1f1486208c9fe92a8d982dee0e6cfd20f2187de6db5027a7b9
eca030f05b377da3312aa5e1effd4af5d89e474b9bee2c722f2993d40028bcf1
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ecfe0b7fbf03ab42263df62ad15b49d45489794bf0d45f944aa9a675710b0a43
ed071f657223f6bd460832d9c24d2c407ba5f321f44bb208d9cd77baeefe67e3
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1b2fe8f471014617caf2a6881b2378b19eaf2927e0d56973eb3e8d3d7cdcf8
efa868a96d117a28e0d2d0e338e2b248179d0247cd5e4bfa73363d8001e03a82
efac768bfc278e82f32d05bd7e273d20e0d59f73dd64cb5c3b9cac7fd4dd380b
f0263901bb0f042d9d2d5fd4b9ec44f07547fc536ba7d6bbcf3cd247aa180f74
f0d1496fd253f24d60816ebaa0fe6b50eee36afe2a34ac8bd310dc0b95dc60df
f139fb4fb6331723b07c4ce1484c9e46bee5fd96f31065b01bbda2222e9eb5e1
f14a76c50ce2f7118e33332d8280be8f2c017d2d91a2ca03eedbcf38b51dc5ea
f1ff1514637cac5643d2a968669d7964d9084e0e580a6cda1941b5f2dd849800
f20d38df4aab49e3dcdb6b341c8ba599c9ed48951a91aded397a6dedfa18bfa3
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f389d98e1385a7f1aa7767b367799a7369c5b4a64a49c32ab750ac71b4bcd118
f3995824a7e96697f9c7e55631a4a0ff3785c3f931e2c416fe301cf190040a40
f3ba46ae5358220846af34df577b8aa0d1039eff018887336afe7b3d912ee88b
f442712c9ac7577e33190ddb4b3644e630e707d3efa55587bfcf66768b9ebb3c
f4be37ae6f3da730d311ea6ff931acc51d1ae189ec3c2d28869cb00e536605cd
f4db358b20d4155bdad9235f563f136e8c2d96b6345bcecb0530ba744688d717
f502276c3d39c852470a513dadd00e9f7fa69b9157a14c10f319fbac92c33e67
f51c41b9d26f0851206d50d860cd9048cc9e2adb9f0014a0583bb204d7da44c3
f53b992a3d46b47717e405ea5e95f28a4a08820046d3f947a8ba58bc61339533
f5a521b1888f01ec2553ea43409460f8c21e7b39bcedc749c99ab8dababab11b
f650676047609c72f3c893b13a7148916bb0a9a5ff1f6ca9c531d07038ba31ae
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f69e197dabe311ee2cf510bcf6b1289dcffb61dd4296be7ae73e355785fef0f3
f6b1aab40dbb86955ec908805dd13da47ef6defbb10d6d324a723c98b3bcc76c
f6dc361964f5593689f4b2d0cd8bd5253ad1df65995648551f77ab5cc314282a
f744634b59058c2fa455853051f7d7cbea03c40a79a2c822e25a22cba5d82316
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f78110796621bc6c8af2e0ac0632dafc23d8ea2009248c39fb1b993b3a01c180
f7d75e8b2a88004fd3b843bbe2be461c8a746c3d412582e251ae683a9cb71aac
f8bba065e4aafcebfff1cad3622e0a079704f611574c88c14ffa71d91f46269f
f94d8cd7a7abc0b44ff24295c7ff072e04cf411bc0429b338797be3d1209de15
fa43023e804760a3afc30fd16ed1553246136329d7a3a871672b5ee8c7022fc2
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb665438d64efb2988cac1082b242a39529900693028ab7e3f7cc3981adb48a2
fb952ad9d98b4884418b2a72e17ef2789f02e5bbaf09cd80afca581e546deab2
fc06659e04276f6af834162afd5727435128e0b8b3a233a24df215f3de040baf
fc8caa1d43b21beddb1746ab7083d245520ff6ffdbf773b5e166dfb68ee37a79
fcd3a9395aed4284facfaa5663eebc9e86197bd9cb7b16c2b57bb46720e92f99
fd74e77fde153206feffb78422815d92738284c067f38dbbcb62d54a8c2f06f2
fe5504b5b063b96ef7f940d8fe043a0950de4d9d4c4a5185156a11744ac6e57b
fe5ffe12a888f717e07570cb53e4986dea0314ced36532affff1dcdb793bb9a4
feab41f3a6e54ba3adb72fafe7eb967aff84bc24295788c285561f44b9e977ca
ff0f78941c63404e9c4ec32e7a87709b9028c9c1262f5daaed9ca9c89ff30003
ff1e8c656466e4a9e8490471e1c94c604d88b3842a0d864410519d4c46c27f3c
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89